A while ago we published the slides from our talk at Lucene Revolution about using Solr for indexing and searching logs. This topic is of special interest to us, since we’ve released Logsene and we’re also offering consulting services for logging infrastructure. If you’re also into working with search engines or logs, please note that we’re hiring worldwide.
The video for that talk is now available, and you can watch it below. The talk has three parts:
- one that discusses the general concepts of what a log is, structured logging and indexing logs in general, whether it’s Solr or Elasticsearch
- one that shows how to use existing tools to send logs to Solr: Rsyslog and Fluentd to send structured events (yes, structured syslog!); Apache Flume and Logstash to take unstructured data, make it structured via Morphlines and Grok, and then send it to Solr
- one that shows how to optimize Solr’s performance for handling logs, from tuning the commit frequency and merge factor to using time-based collections with aliases