Tuesday, October 6, 2020

Enterprise Syslog Solution

Lately our syslog server has been struggling to keep up with the volume of traffic that we are sending it. It’s a home-brewed solution that involves not much more than aggregating all of it in one place; it then gets sorted or carved into reports via cron and fancy grep/regex.

Recently we migrated this to a newer, beefier server, but since all of the code is written sequentially, more cores and RAM in a VM don’t do much.
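To illustrate the point about sequential code, here is an added example (not the poster's setup or code) that carves a small set of constructed syslog lines into a failed-SSH-login report, splitting the work across worker processes and merging the partial counts, so the same regex pass can actually use the extra cores:

```python
"""Parallel carving of syslog into a report, as an alternative to one
sequential grep/regex pass. Added example; constructed sample data."""
import re
from collections import Counter
from multiprocessing import Pool

# Constructed sample lines in BSD syslog format; not real log data.
SAMPLE_LOG = """\
Oct  6 10:01:02 web01 sshd[2231]: Failed password for invalid user admin from 203.0.113.5 port 4412 ssh2
Oct  6 10:01:03 web01 sshd[2231]: Failed password for root from 203.0.113.5 port 4412 ssh2
Oct  6 10:01:05 web02 sshd[1188]: Accepted publickey for deploy from 198.51.100.7 port 5010 ssh2
Oct  6 10:01:09 db01 sshd[3390]: Failed password for root from 203.0.113.9 port 6001 ssh2
Oct  6 10:01:11 web01 cron[1001]: (root) CMD (/usr/local/bin/carve-report.sh)
"""

# Fields: timestamp, host, program[pid], message
LINE_RE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) ([\w.-]+)(?:\[\d+\])?: (.*)$")
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+)")

def carve_chunk(lines):
    """Count failed SSH logins per (host, source IP) in one chunk of lines."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group(3) != "sshd":
            continue
        f = FAILED_RE.search(m.group(4))
        if f:
            counts[(m.group(2), f.group(2))] += 1
    return counts

def chunked(lines, size):
    """Yield consecutive slices of at most `size` lines."""
    for i in range(0, len(lines), size):
        yield lines[i:i + size]

def failed_logins_report(text, workers=2, chunk_size=2):
    """Split the log into chunks, carve each in a worker process, merge the
    partial counts. Counting is associative, so this equals a sequential pass."""
    lines = text.splitlines()
    with Pool(workers) as pool:
        partials = pool.map(carve_chunk, list(chunked(lines, chunk_size)))
    total = Counter()
    for part in partials:
        total.update(part)
    return dict(total)

if __name__ == "__main__":
    for (host, src), n in sorted(failed_logins_report(SAMPLE_LOG).items()):
        print(f"{host} {src} failed logins: {n}")
```

On a real archive the chunks would be files or byte ranges rather than a handful of lines, but the shape (carve in parallel, merge once) is the same.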

I’m torn between the options of getting someone to write a Python application to make this more efficient and getting a purpose-made tool to accomplish this (which is my preference), but I’m struggling to identify a good solution for a large enterprise. Most of the marketing materials are either older or can do everything better than anyone on paper. My VAR wasn’t too familiar with good solutions here either.

I had a few friends say I can do some good things with Hadoop, but I’m not quite sure if that’s going to collect everything or just carve up reports from a datastore elsewhere.

Any recommendations out there for both aggregation and reporting? What makes it feel like a good fit for a large enterprise?
