Graylog2 is an open source log management solution that stores your logs in MongoDB. It consists of a server written in Java that accepts your syslog messages via TCP, UDP or AMQP and stores it in the database. The second part is a web interface that allows you to manage the log messages from your web browser. Take a look at the screenshots or the latest release info page to get a feeling of what you can do with Graylog2.
The web interface
All data sent to Graylog2 will appear in the web interface. Use the web interface to search and filter your data. A core part of the web interface are streams: They basically are saved searches that allow you to quickly access an overview that is already pre-filtered to match for example specific parts of your application. You can also run monitoring and alerting on single streams or directly forward all messages that are matched into a stream to other endpoints.
How do I send my log data?
The Graylog2 server accepts standard syslog via TCP/UDP and GELF via UDP. You can also send in both formats via AMQP (AMQP Docs). You can configure your syslog daemons to send their data to Graylog2 or log directly from within your applications.
Graylog Extended Log Format
The Graylog Extended Log Format (GELF) avoids the shortcomings of classic syslog. It is perfect for sending log messages from within your applications in an easy and structured way. There are libraries and log appenders for Ruby, PHP, Python, Java/Log4j (gelf4j, gelfj), Log4r, .NET/log4net, node.js, Logback plugin and Rack. Read more about it here: GELF.
How much log data can Graylog2 handle?
Graylog2 is able to handle millions of log events and terrabytes of data. The server can handle and route thousands of messages per second. MongoDB as a data backend scales well and the Graylog2 server is ready to be run in multiple instances
Graylog2 has proven its stability in large production deployments around the world. Parsing of the syslog messages in the Graylog2 server is handled by the mature Syslog4j
Taulia is hosting a live Graylog2 demo: http://public-graylog2.taulia.com/ Log in with the user admin or user and the password graylog2