On Tue, Jan 29, 2002 at 08:41:13PM -0800, Scott Nelson wrote: > > We're currently checking out a product by a startup - Addamark - > www.addamark.com - which is a distributed log management system. > We're testing a 3 node system and so far have been impressed with the > feature set and folks who work there. They are just about to release > version 1.0 I believe. In some of our logs we're seeing up to > 50-to-1 compression when imported into their system. So we're > hopeful we'll be able to start storing a few months of logs... > Anyone else here looked at the product? If you're dealing with large > sets of logs you should give them a look see. Great bunch of people > working there - just down the street from my office in SF. My boss is also the boss of the log processing group for our company. We measure our storage for logs in the terrabytes, but still can't keep very many days of web logs stored in the filesystem. We have a 5 node addamark system we're testing out, and my boss offered to let me use it for syslogs as well. I have serious reservations about storing syslog data alongside logs which are critical to my company's income. The reason is because a loghost is by it's very definition a target for intruders/crackers. I've seen intruders head straight for them. I'm thinking of setting up a singe or double node addamark system just for syslogs. I'd recommend that others on the list look at their log storage the same way - that they separate the possible attack targets and business critical systems whenever possible. -- Nate Campi | Terra Lycos DNS | WiReD UNIX Operations Fear leads to anger. Anger leads to hate. Hate leads to using Windows NT for mission-critical applications. --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Jan 29 2002 - 22:17:54 PST