1

I have data like this:

Date/Time, Source, EventType

I want a tool to be able to run on this data (I can format it or put it in a database or anything), but I want to be able to see trends - like weekdays, volume by source, relative volume of different sources, etc.

Something easy to use.

I can write my own SQL queries and things like that, but I'm looking for something off the shelf which has good graphs and things so I can spend more time playing with it to learn about the data instead of writing something myself and spending all my time writing the tool.

Cade Roux

2 Answers

1

Splunk seems to be the go-to tool for this type of thing. Depending on your log volume, though, it can be expensive.

EEAA
  • It's a small volume - about 300 events a day, just having a hard time visualizing it - want something to make patterns and things obvious. – Cade Roux Jul 06 '11 at 21:07
1

A free option that seems inspired by Splunk is Graylog2. Has various ways of inputting data, such as basic syslog, and does visualization and analysis.

Splunk is definitely more powerful, but expensive for most useful data volumes. The free version allows 500MB/day.

Martijn Heemels
  • It's a small volume - about 300 events a day, just having a hard time visualizing it - want something to make patterns and things obvious. – Cade Roux Jul 06 '11 at 21:07
  • Then definitely have a look at Splunk Free. It's flexible about the input data and easy to play around with. – Martijn Heemels Jul 07 '11 at 21:15