ispCP - Board - Support - VHCS fork / ispCP Omega Development Area / Small Talk / Log centralisation / mining

Post Reply  Post Thread 
Log centralisation / mining
Author Message
rbtux
Member
***


Posts: 1,200
Group: Registered
Joined: Feb 2007
Status: Away
Reputation: 22
Post: #1
Log centralisation / mining

Does anybody know a log centralisation / log mining solution comparable to splunk but opensource?

What do other users use?

OS: Debian Lenny
ispCP Version: Trunk r1033
Activated: AWStats dynamic, Dovecot, Avelsieve, Selective Greylisting, Bogus MX Filter,
No Webtools, Roundcube, Some own modifications
01-21-2008 06:55 PM
Visit this user's website Find all posts by this user Quote this message in a reply
BeNe
Moderator
*****


Posts: 2,557
Group: Moderators
Joined: Jan 2007
Status: Offline
Reputation: 35
Post: #2
RE: Log centralisation / mining

Maybe you can use syslog-ng that comes with must Distris.
But long not so nice and rich on features like splunk.

Greez BeNe



:: ispCP Omega RC5 Live Demo - r1267 (19.05.08) --> http://www.isp-control.net/forum/ispcp-o...ml#pid2169 <--
01-21-2008 07:14 PM
Visit this user's website Find all posts by this user Quote this message in a reply
rbtux
Member
***


Posts: 1,200
Group: Registered
Joined: Feb 2007
Status: Away
Reputation: 22
Post: #3
RE: Log centralisation / mining

i really like the search engine of splunk... I think I'll use splunk as it's free until 500m/day... that should be enough for the moment...

OS: Debian Lenny
ispCP Version: Trunk r1033
Activated: AWStats dynamic, Dovecot, Avelsieve, Selective Greylisting, Bogus MX Filter,
No Webtools, Roundcube, Some own modifications
01-21-2008 11:17 PM
Visit this user's website Find all posts by this user Quote this message in a reply
ephigenie
Administrator
*******
Administrators

Posts: 570
Group: Administrators
Joined: Oct 2006
Status: Offline
Reputation: 9
Post: #4
RE: Log centralisation / mining

eventually you can try to use mod_log_spread
or use mod_log_sql ...

but sql loggin should be on a dedicated server for big environments as databases can grow quick to several gb.
Impact on performance is around 1-2% . Modlogan is able to generate stats directly out of the db. Otherwise you can use a pipe with mysql client to feed awstats via stdin...

mod_log_spread is best for cluster environments.

01-22-2008 12:15 AM
Visit this user's website Find all posts by this user Quote this message in a reply
rbtux
Member
***


Posts: 1,200
Group: Registered
Joined: Feb 2007
Status: Away
Reputation: 22
Post: #5
RE: Log centralisation / mining

thanks malte

i'll check this one out...

OS: Debian Lenny
ispCP Version: Trunk r1033
Activated: AWStats dynamic, Dovecot, Avelsieve, Selective Greylisting, Bogus MX Filter,
No Webtools, Roundcube, Some own modifications
01-22-2008 12:59 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply  Post Thread 

View a Printable Version
Send this Thread to a Friend
Subscribe to this Thread | Add Thread to Favorites
Forum Jump:

Contact Us | isp Control Panel ( ispCP ) a VHCS fork | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication

| All rights reserved : isp-control.net |