
Ekanite: Syslog server with built-in search - otoolep
https://github.com/ekanite/ekanite
======
necessity
>Its goal is to do one thing, and do it well -- make log messages received
over the network searchable

Nope, that's two things. It might do them well, though.

~~~
SriniK
Meant as not a generic search tool like ES. This is just for logs.

------
lobster_johnson
Ekanite looks interesting, but on first look, a design that combines
collection, storage and analysis rubs me the wrong way. It's at least three
different things that have such different performance implications and
behaviour that it's a design mistake to couple them tightly. I've been through
this process many times myself.

~~~
otoolep
Ekanite author here. Thanks for the feedback, but I'm not sure I agree. The
whole point of the design was to build a system that did it all, though I
agree there are trade-offs to be made that might not be necessary for distinct
systems. But the advantage of having it all in one system is also significant.
It makes deployment almost trivial.

I (along with a great team) also built the equivalent system as a large-scale
SaaS-based analytics system (Loggly's 2nd generation system) and I was curious
to see if I could do the same thing in a single binary -- hence Ekanite.
Granted, Ekanite doesn't provide all the features of that system, such as
custom parsing and multi-tenancy, but many of the principles are present.

------
w8rbt
grep is syslog search ;)

~~~
bigdubs
can't invoke grep (safely) with a browser

~~~
iokanuon

      grep < log -- "$query"
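
An added example, not part of the thread or of Ekanite: the one-liner above wrapped as a shell function, showing that `--` plus a quoted `"$query"` keeps option-like or metacharacter-laden queries as plain patterns. The function names, the `-F` flag and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; names and sample data are constructed, not from the thread.

# search_log LOGFILE QUERY
# Prints lines of LOGFILE containing QUERY and returns grep's exit status
# (0 = match, 1 = no match, 2 = error).
search_log() {
    [ "$#" -eq 2 ] || return 2
    [ -f "$1" ] || return 2
    # "$2" quoted: the query stays one argument, no word splitting or globbing
    # --         : end of options, so a query starting with "-" is a pattern
    # < "$1"     : the log arrives on stdin, grep gets no file operands
    # -F         : literal match instead of regex (assumption, not in the thread)
    grep -F -- "$2" < "$1"
}

# count_matches LOGFILE QUERY: prints the number of matching lines.
count_matches() {
    search_log "$1" "$2" | wc -l | tr -d ' '
}

# Constructed sample log.
write_sample_log() {
    cat > "$1" <<'EOF'
Jan 12 10:01:02 web1 sshd[811]: Failed password for root from 192.0.2.10
Jan 12 10:01:05 web1 cron[902]: (root) CMD (backup.sh -v --file=/etc/passwd)
Jan 12 10:02:11 web1 app[77]: query string was: * ; id
EOF
}

# Demo: every query is treated as text to find, never as an option or command.
log=$(mktemp)
write_sample_log "$log"
for q in '-v' '--file=/etc/passwd' '* ; id' 'sshd.*root'; do
    printf '%s => %s line(s)\n' "$q" "$(count_matches "$log" "$q")"
done
rm -f "$log"
```

A web front end gets the same property only if it passes the query to grep as a single argv element rather than interpolating it into a shell command string.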

