[Oisf-users] Best options to manage http.log file
carlopmart
carlopmart at gmail.com
Tue Nov 29 14:25:46 UTC 2011
On Tue, 29 Nov 2011, Martin Holste wrote:
>> Thanks Paul and Martin. I am evaluating ELSA and Splunk at this moment.
>> But reading docs and install script for ELSA it seems too difficult to
>> maintain (I'm not worried about time spent on installation, but it is
>> important time needed to upgrade, to patch, etc).
>
> Thanks for giving it a look. Splunk is a fine option. ELSA's main
> advantages are speed and being free for any log volume, which is
> important if you start sending firewall, router, and server logs to
> it. I will note that there is an update_from_svn.sh script included
> in ELSA that will automatically update local code from the repository,
> which is usually all that's needed to keep current. I would say that
> Splunk upgrades require roughly the same amount of work. In any case,
> I'm interested in any feedback you have on ELSA, especially if you
> run into any issues.
>
Thanks Martin. I will try to install an ELSA instance on a lab to do
some tests ...
---
CL Martinez
carlopmart {at} gmail {d0t} com