> I'm searching for a central syslogserver with webaccess. The messages > should be stored in a database (oracle would be great). The server should > have the following features: > > - delete old messages after a period of time (errors and warnings should > live longer than notifications) > - drop certain messages I dont want to store in the database > - filter messages by source and severity > - search in messages > - save searches > - muli-user capability
We created what may be exactly what you're after, or nothing like what you want =) We ran into a similar problem and created Open Syslog <http://www.opensyslog.com/>, which is basically GMail for any text data, plus a bunch of ways to easily get data in and out (including syslog and CLI). It's delivered over the net so it's live in ~45 seconds, with zero server/DB management or scaling. As you said, what we wanted was as much a Web server as a syslog server. Like GMail, you can search Open Syslog for an IP, subnet, or domain name and it will find regardless of where it came from (or in GMail, which labels it has). Using your example, this is a valid search: "chain failed validation" OR "Peer Certificate". You can also constrain further (by source, severity, and other aspects). It's in a growing beta test. If you (or anyone else) want to try it, sign up on opensyslog.com or email me questions off-list. It's meant to solve 4 problems with text data: 1. It sits on filesystems where nobody sees it, and is not easily consumable via the Web, email, and RSS, let alone by whole teams. 2. One needs to know what to look for. There's no easy way to see "everything new or strange," yet that is what's most useful. 3. Related data is split across multiple apps, directories, and systems. They can't easily be managed by content (username, IP address, message ID) instead of by source. 4. The single datacenter ("behind the firewall") is dead. Everyone distributes datacenters, servers, clouds, and slices now. Cheers, Troy -- Seven Scale, creators of Cloudvox and Open Syslog _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
