OK, maybe I didn't explain myself as well as I thought. I read about the log analyzer of elasticsearch, but I understood that the analysis is for statistics of incoming logs and more options, but here are a couple of cases that I need to report:
1- My boss asks me for a report of the top 10 enterprises that have the most surfing on weekends.
2- My principal specialist asks me for the total outgoing MB of email of a user or another enterprise.
3- There's a problem with an enterprise, so we need to make a report with the hours (out of work days), dates, sites and files for that enterprise.

Is it possible to make this kind of analysis with elasticsearch and export it?

On Fri, Oct 3, 2014 at 10:53 PM, David Lang <[email protected]> wrote:

> What are you looking for when you say "analyze logs"?
>
> There is real-time analysis of logs to look for specific entries or
> combinations of entries and generate alerts. Simple Event Correlator (sec)
> is a very powerful tool for this sort of work.
>
> There are periodic reports summarizing data into reports
>
> There is generating trending data (frequently for graphs)
>
> There are unplanned searches of logs (Elasticsearch is great for this)
>
> David Lang
>
> On Fri, 3 Oct 2014, Carlos Manuel Trepeu Pupo wrote:
>
>> OK, thanks to both of you for answering almost all my doubts. I have spent
>> all day reading and here come new problems.
>>
>> How can I analyze the logs? I use WebSpy as a log analyzer, but can any of
>> you guys tell me how I can analyze POSTFIX, SQUID, FREE RADIUS, and others
>> if they are in a database?
>>
>> In case the databases are in MySQL there is no problem, but when I
>> have elasticsearch, what software can I use?
>>
>> P.S: I read about elasticsearch and I love the way they solve problems and
>> show statistics, but without a log analyzer, I can't do anything.
>> _______________________________________________
>> rsyslog mailing list
>> http://lists.adiscon.net/mailman/listinfo/rsyslog
>> http://www.rsyslog.com/professional-services/
>> What's up with rsyslog? Follow https://twitter.com/rgerhards
>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
>> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you
>> DON'T LIKE THAT.

