Try Splunk For Free
Sentor's log management solutions are built around the versatile IT-data search engine Splunk. It is a very flexible solution that can handle pretty much any sourcetype and log format you can think of.
Splunk is licensed by daily log volume, which means you need to have an idea of how much data you will index on a daily basis. Fortunately, this is something you can use Splunk to find out!
Simply download a suitable version of Splunk for your operating system from the Splunk website.
When you have configured your log sources, you can use a search command like this to show the daily volumes:
index=_internal source=*metrics.log group=per_index_thruput series!=_* | timechart span=1d sum(kb)
When your trial license expires you can either contact info@sentor.se to purchase a fitting license or choose to run SplunkFree. The free version has a few limitations, such as only being able to index 500 MB daily, and the web GUI lacks proper access controls. You can work around the access control limitation by running a reverse proxy server, for example Apache or nginx, in front of the Splunk GUI and implementing access controls in the proxy.
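One way to set up the reverse proxy described above with nginx, as an added example that is not Sentor's or Splunk's own configuration. The hostname, certificate paths, password file and allowed subnet are placeholders, and it assumes Splunk Web runs on its default port 8000 on the same host as nginx.

```nginx
# Added example: nginx in front of the Splunk web GUI.
# Place in the http context, e.g. /etc/nginx/conf.d/splunk.conf.
# All names, paths and addresses below are placeholders.
#
# The proxy only helps if the GUI cannot be reached around it. Bind Splunk Web
# to loopback in $SPLUNK_HOME/etc/system/local/web.conf and restart Splunk:
#   [settings]
#   server.socket_host = 127.0.0.1

# Redirect plain HTTP so credentials are never sent in clear text.
server {
    listen 80;
    server_name splunk.example.internal;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name splunk.example.internal;

    ssl_certificate     /etc/nginx/tls/splunk.example.internal.crt;
    ssl_certificate_key /etc/nginx/tls/splunk.example.internal.key;

    # Network-level control: only the admin subnet may connect.
    allow 192.0.2.0/24;
    deny  all;

    # User-level control: HTTP basic authentication.
    # Create the file with: htpasswd -c /etc/nginx/splunk.htpasswd <user>
    auth_basic           "Splunk";
    auth_basic_user_file /etc/nginx/splunk.htpasswd;

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # Do not pass the proxy credentials on to Splunk Web.
        proxy_set_header Authorization     "";
    }
}
```

With the default `satisfy all` behaviour, a request must pass both the address check and the password prompt before nginx forwards it to Splunk.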






