Hello all, On Tue, Mar 04, 2014 at 03:49:25PM +0100, Daniel Pocock wrote: > The rsyslog mongodb output module and the PHP mongodb modules are now in > wheezy-backports. This would appear to be sufficient to do something like: > > rsyslog => mongodb => loganalyzer > > Has anybody else tried that or does anybody have any comments on it (or > recommended alternatives)?
That actually did work for a time, but something broke starting with rsyslog 7.4.0-1. Since then the format of the data dumped into mongodb doesn't match what tools like loganalyzer expect, cf. #721277 / #728827. As I was merely experimenting with it I didn't follow up any further. We ended up using hadoop for some log analysis, but that's quite a different framework for such a task and as such requires a copious amount of study ... YMMV. Cheers, Flo -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140305080931.ga7...@fernst.no-ip.org
