[00:19] <manis05> We're currently searching for a log management solution that allows us to collect specific logs from all our servers and centralize them for easy access by our team. Here are the options that are on our radar: Graylog, Papertrail, Logtail, Instana, ELK Stack, rsyslog, and Syslog-ng. Which do you think is the best in terms of cost, efficiency, low resource usage, and overall ease of management? Or do you have any other recommendations?
[00:19] <minimal> loki?
[00:21] <manis05> minimal: Thanks! Are you using loki? If you do, what's your opinion of it?
[00:22] <minimal> I haven't used it yet but am intending to use it
[00:23] <manis05> Got it. I think we could add that to our options.
[01:17] <patdk-lap> syslog-ng doesnt do any of that
[01:17] <patdk-lap> what you need to figure out is how you want to search/access your logs
[01:18] <patdk-lap> how you collect them will only matter once you figure out how you actually use them
[01:18] <patdk-lap> elk is nice, but it is resource heavy, if you have the resources for it, nice, if you dont want the expense, then elsewhere
[01:28] <manis05> patdk-lap: Thanks! I did read somewhere that syslog-ng can be configured for centralized log management, that's why I added it to our list of options. Thanks for clarifying.
[01:28] <patdk-lap> well, rsyslog and syslog-ng can help manage centeralized collection
[01:28] <patdk-lap> but that doesn't matter, till you figure out how you want to store/access them
[01:28] <patdk-lap> like if going ELK, it would be ideal to use the elk tools to collect the logs instead of rsyslog/syslog-ng
[01:29] <patdk-lap> so it all just rolls down from what you will be storing them with, and how
[01:29] <patdk-lap> then you can figure out how to plan the distribution of the log collection
[01:29] <JanC> even journald can centralise logs...
[01:30] <manis05> I had experience in setting up an ELK stack before and it is resource heavy, so we're having second thoughts. But yes, I think it's worth exploring.
[01:30] <patdk-lap> if you want fast log lookup and json friendly, it is really nice
[01:30] <patdk-lap> but if not needed, heh, kindof overkill
[01:31] <manis05> JanC: Thanks! We'll look into that.
[01:31] <patdk-lap> personally, I have ELK in some places, cloudwatch in others, and just mysql in another
[01:32] <manis05> patdk-lap: Thanks for your input, I really appreciate it! I guess we'll have to explore ELK Stack and see if it's good for our needs.
[01:33] <patdk-lap> ya, defently prioritize how you will *search* and use the log system
[01:33] <patdk-lap> the collection part is simple :)
[01:33] <JanC> and how often you need that
=== halves3 is now known as halves