This site uses different types of cookies, including analytics and functional cookies (its own and from other sites). To change your cookie settings or find out more, click here. If you continue browsing our website, you accept these cookies.
based on my question about reading server logs with alteryx as opposed to splunk, are there metrics out there for the impact of reading logs, directly with alteryx (either with static input or in-db) vs writing all those logs to one central server and reading from there? if it matters, these are linux servers and we'd be reading /var/log/messages but I don't think what we're reading would make a difference.
@becki What is the end goal of this project? Is it just to analyze logs and try to find infrastructure peaks/errors? You can definitely analyze those logs in alteryx. Typically, logs are stored in a database or flat files (csv etc) and are usually big in size. If they are stored in a database, you can use the in-db tools to analyze the logs and write it out after doing the analysis. If in a flat file, Alteryx can read in all of them from the single folder structure and analyze it. Hope this helps.
well, we're not really certain what the final outcome is that we're looking for. We are writing 120 TSM (an IBM backup product) worth of logs to one server then reading from that one server, via DBConnect, to Splunk, to look at logs and open trouble tickets. What we're curious about is what kind of performance hit, if any, the TSM servers would take if instead, they were feeding, via DBConnect/DB2, to an Alteryx server and it was reading the logs directly. Are there any metrics of what kind of performance issue this might cause? thanks