Chloe Crimson :v_trans: :v_lesbian:
@ChloeCrimson@transgirl.cafe

@alina@girldick.gay gave the docs a quick skim and VictoriaLogs doesn’t seem to do log parsing which makes it unfitting for a SIEM use case
But could be decent for a simple centralized logging platform


alina🐾🐾💖💖✨✨🏳️‍⚧️🏳️‍⚧️
@alina@girldick.gay

@ChloeCrimson@transgirl.cafe what do you mean by logs parsing, it has a query language, isn't that parsing the logs?

Chloe Crimson :v_trans: :v_lesbian:
@ChloeCrimson@transgirl.cafe

@alina@girldick.gay no, not quite
VictoriaLogs has full text search (good!) but there seems to be no option to parse your logs with, say, Grok patterns or anything like that

Log parsing means that you separate your logs into fields and values to make your log monitoring work properly
Say: in this particular field of a log message, is this string or value. Alert if it's that string or how many of these values do we have over x amount of time

For this to work you need more than full text index because you need proper key:value separation
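
Added example, not part of the thread: the field/value separation described above, sketched in Python. A regex with named groups stands in for a Grok pattern, and the sshd-style log lines, field names and threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in sshd syslog style (not taken from the thread).
SAMPLE_LOGS = """\
2024-05-01T10:00:01 host1 sshd[811]: Failed password for root from 203.0.113.7 port 40022 ssh2
2024-05-01T10:00:05 host1 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40023 ssh2
2024-05-01T10:00:09 host1 sshd[813]: Accepted password for alice from 198.51.100.4 port 51000 ssh2
2024-05-01T10:00:20 host1 sshd[814]: Failed password for root from 203.0.113.7 port 40024 ssh2
2024-05-01T10:05:00 host1 sshd[815]: Failed password for bob from 198.51.100.4 port 51001 ssh2
2024-05-01T10:05:30 host1 cron[99]: rotate job: Failed password policy check for 203.0.113.7
""".splitlines()

# A Grok pattern is essentially this: a regex whose named captures become fields.
LINE_RE = re.compile(
    r"(?P<ts>\S+) (?P<host>\S+) sshd\[(?P<pid>\d+)\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src_ip>\S+) port (?P<port>\d+)"
)

def parse(line):
    """Turn one raw line into a field:value dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None  # e.g. the cron line, which a full-text search would still hit
    event = m.groupdict()
    event["ts"] = datetime.fromisoformat(event["ts"])
    return event

def failed_login_alerts(events, threshold=3, window=timedelta(minutes=1)):
    """Source IPs with at least `threshold` failed logins inside `window`."""
    recent = defaultdict(list)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["outcome"] != "Failed":
            continue
        hits = recent[ev["src_ip"]]
        hits.append(ev["ts"])
        while hits[0] < ev["ts"] - window:  # drop failures older than the window
            hits.pop(0)
        if len(hits) >= threshold and ev["src_ip"] not in alerts:
            alerts.append(ev["src_ip"])
    return alerts

EVENTS = [e for e in map(parse, SAMPLE_LOGS) if e]
```
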

Chloe Crimson :v_trans: :v_lesbian:
@ChloeCrimson@transgirl.cafe

@alina@girldick.gay that’s also what makes solutions like Elastic and OpenSearch (backend for Graylog) so heavy and seem so clunky next to tools like Grafana Loki or apparently VictoriaMetrics