There are many ways to store syslog data, and nearly all of them are better than what I am outlining here. If you’re looking to learn how to deal with syslog at scale, take a look at Graylog, or the Elk Stack or some other similar tool. There are many free and/or open source options to do this. Many of which I’ve setup and used for my employers.
For me though, I’m not looking to load big piles of data into some database and keep it stored for long periods, automatically indexed and cataloged. I don’t need that.
Instead, I’d like to gather logs from a handful of devices, store them as flat files based on the date, and then just throw them away after a month.… Click here to read more!