Is there an open-source log correlation application? I know only SEC[1]. The best would be if the application could work in a clustered setup and would understand structured logs too, not only free-text logs (like those from syslog).
While SEC (actually Perl) is quite powerful, I also found these limitations: it can only operate on free-text logs, and for time-based correlation it does not use the actual time of the event but only the time when SEC received it.
There is correlation in nxlog (disclaimer: I'm affiliated) with support for structured logs. Syslog-ng can do some correlation also.

b0ti
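The receive-time versus event-time distinction raised in the answer, as an added example that is not part of the original thread and not code from SEC, nxlog or syslog-ng: a minimal threshold correlation over structured (JSON) log lines, run once on the event timestamp and once on the collector's receive timestamp, over a constructed sample in which one event is delivered late by a buffering forwarder.

```python
import json
from collections import defaultdict, deque
from datetime import timedelta, datetime

# Constructed sample: structured log lines with the event's own timestamp ("ts")
# and the time the collector received it ("recv"). The third failure for alice
# was held back by a forwarder and arrives minutes after it happened.
SAMPLE_LINES = [
    '{"ts":"2024-01-01T10:00:05+00:00","recv":"2024-01-01T10:00:06+00:00","event":"login_failed","user":"alice"}',
    '{"ts":"2024-01-01T10:00:12+00:00","recv":"2024-01-01T10:00:13+00:00","event":"login_ok","user":"bob"}',
    '{"ts":"2024-01-01T10:00:20+00:00","recv":"2024-01-01T10:00:21+00:00","event":"login_failed","user":"alice"}',
    '{"ts":"2024-01-01T10:00:40+00:00","recv":"2024-01-01T10:03:00+00:00","event":"login_failed","user":"alice"}',
]

WINDOW = timedelta(seconds=60)   # correlation window
THRESHOLD = 3                    # failed logins per user within WINDOW


def parse(line):
    """Parse one JSON log line; both timestamps become aware datetimes."""
    rec = json.loads(line)
    rec["ts"] = datetime.fromisoformat(rec["ts"])
    rec["recv"] = datetime.fromisoformat(rec["recv"])
    return rec


def correlate(lines, time_field):
    """Return (user, time) pairs where THRESHOLD login_failed events for one
    user fall within WINDOW, measured on `time_field` ("ts" or "recv")."""
    # Sort on the chosen clock so late deliveries land where they belong in time.
    events = sorted((parse(l) for l in lines), key=lambda r: r[time_field])
    windows = defaultdict(deque)   # user -> timestamps of recent failures
    alerts = []
    for rec in events:
        if rec.get("event") != "login_failed":
            continue
        t = rec[time_field]
        q = windows[rec["user"]]
        q.append(t)
        while q and t - q[0] > WINDOW:   # drop failures older than the window
            q.popleft()
        if len(q) >= THRESHOLD:
            alerts.append((rec["user"], t))
            q.clear()                    # reset so one burst fires once
    return alerts


if __name__ == "__main__":
    print("event time:  ", correlate(SAMPLE_LINES, "ts"))    # alice fires
    print("receive time:", correlate(SAMPLE_LINES, "recv"))  # nothing fires
```

Correlating on receive time misses the burst entirely because the delayed line lands outside the window, which is the blind spot the answer describes for a correlator that only looks at arrival time.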