
Ask HN: Best log aggregation solution for a PHP app - cellover
At work I have been given the task to study log aggregation tooling for an e-commerce platform.<p>Current situation:<p>- logs are stored locally on each server, preproduction, staging and production
- no log replication whatsoever
- no aggregation, no monitoring on errors
- volumetry is &#x27;quite high&#x27; but I have not been able to stat is precisely yet<p>Goals:<p>- monitor application logs, not performance
- Self-hosted preferably, open source
- Remote log replication
- Real-time reporting, ability to &quot;see&quot; production errors quickly
- Alerting (Slack, mail...)<p>I have been studying different solutions but it seems none is absolutely perfect and here are the main pitfalls as I understand them:<p>Logs &gt; ELK - Logstash is the bottleneck, a cluster of 5 servers seems to be recommended<p>Logs &gt; MQ &gt; InfluxDB &gt; Grafana - no clustering in free version of InfluxDB<p>Logs &gt; New Relic (free version) - No data retention (3 days), no deployment tracking<p>Logs &gt; Syslog &gt; rsyslog &gt; syslog-ng &gt; logz.io<p>Sentry?<p>----<p>I would appreciate any feedback on the matter. Thank you!
======
stympy
Since you have nothing in place at the moment, I recommend you get _something_
in place while you are evaluating your options.

At honeybadger.io we use papertrail for log monitoring, and we love it, but
there are plenty of hosted options. Set up a free trial and you'll at least
get aggregation and monitoring now, plus an idea of what kind of logging
volume you'll need to support with your self-hosted solution.

