Except splunk has extensive indexing and routing capabilities with a search interface on for good measure. It would be more accurate to say kibana + logstash is roughly == splunk
-- Gary F.

On May 29, 2013, at 11:02 AM, Josh Bitto <[email protected]> wrote:

> Kibana is comparable (kinda) to splunk. It's just a configurable interface
> for logstash and elastic search.
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of David Lang
> Sent: Wednesday, May 29, 2013 9:54 AM
> To: rsyslog-users
> Subject: Re: [rsyslog] Rsyslog 7.2.7 and Kibana 3
>
> I haven't heard of Kibana before, can you provide a link to it?
>
> How does it interact with rsyslog, does it access elasticsearch, reading the
> data that rsyslog wrote?
>
> If this is the case, your best bet is probably to see what Kibana is
> expecting the data to look like and then modify the template on rsyslog to
> put the data in that format.
>
> David Lang
>
> On Wed, 29 May 2013, Jason A. Johnson wrote:
>
>> Hello,
>>
>> I'm currently working on a central logging solution which seems to be
>> working great. Rsyslog forwarding logs to the central logging server
>> which has been upgraded to version 7.2.7 and elasticsearch storing the
>> logs. Searching elasticsearch I can see that logs are being sent/stored.
>> However I would like to get the frontend working which is kibana 3.
>> I'm wondering if anyone has been able to get kibana 3 working with
>> rsyslog or could point me in the direction of what I would need to
>> change on kibana side to have the logs visible. Logstash settings are
>> the default for kibana so it works out of the box. I have looked at
>> the defaults for kibana and the only difference I can see that needs
>> to be updated is the timestamps defaults index:
>>
>> "index": "[logstash-]YYYY.MM.DD"
>>
>> I have changed that to "system" which
>> is what shows up in elasticsearch when logs are forwarded from rsyslog
>> to be stored. However no logs are being displayed in kibana.
>>
>> If someone has any idea what I'm missing would be hopeful.
>>
>> Thank You,
>> Jason
>>
>> _______________________________________________
>> rsyslog mailing list
>> http://lists.adiscon.net/mailman/listinfo/rsyslog
>> http://www.rsyslog.com/professional-services/
>> What's up with rsyslog? Follow https://twitter.com/rgerhards
>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites
>> beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
>> THAT.
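
One way to follow the suggestion quoted above (shape the rsyslog template to what Kibana expects), shown as an added example that is not part of the original thread. It assumes rsyslog v7 list templates and the omelasticsearch module; the template names, the field names other than `@timestamp`, and the `localhost` server are assumptions.

```conf
# Added example, not from the thread. Template names are hypothetical.
module(load="omelasticsearch")

# Daily index name: logstash-YYYY.MM.DD, the pattern quoted in the question.
# Built by slicing the RFC 3339 timestamp (YYYY-MM-DDThh:mm:ss...).
template(name="logstash-index" type="list") {
    constant(value="logstash-")
    property(name="timereported" dateFormat="rfc3339" position.from="1" position.to="4")
    constant(value=".")
    property(name="timereported" dateFormat="rfc3339" position.from="6" position.to="7")
    constant(value=".")
    property(name="timereported" dateFormat="rfc3339" position.from="9" position.to="10")
}

# JSON document carrying a logstash-style @timestamp field.
# format="json" escapes quotes and control characters in free-text fields,
# so a crafted log message cannot break or extend the JSON document.
template(name="logstash-json" type="list") {
    constant(value="{\"@timestamp\":\"")
    property(name="timereported" dateFormat="rfc3339")
    constant(value="\",\"host\":\"")
    property(name="hostname" format="json")
    constant(value="\",\"severity\":\"")
    property(name="syslogseverity-text")
    constant(value="\",\"facility\":\"")
    property(name="syslogfacility-text")
    constant(value="\",\"program\":\"")
    property(name="programname" format="json")
    constant(value="\",\"message\":\"")
    property(name="msg" format="json")
    constant(value="\"}")
}

# server value is an assumption: Elasticsearch on the central log host.
# dynSearchIndex="on" makes searchIndex name a template, not a literal index.
action(type="omelasticsearch"
       server="localhost"
       template="logstash-json"
       searchIndex="logstash-index"
       dynSearchIndex="on")
```

With documents indexed this way, the Kibana index setting from the question can stay at `[logstash-]YYYY.MM.DD` rather than being changed to `system`.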

