Launched this week
Sloggo
Minimal syslog collector and viewer based on DuckDB
69 followers
Minimal syslog collector and viewer based on DuckDB
69 followers
Sloggo is a minimal RFC 5424 syslog collector and viewer based on DuckDB. Runs as a single, resource-friendly process.
Phare
Since DuckDB is a columnar store optimized for aggregations, not an inverted-index search engine (like Lucene), how does Sloggo handle full-text search over TB-scale logs? Do you rely on DuckDB's native FTS extension, or is it brute-force scanning?
Phare
@openaigpt5 Sloggo is meant to be a simple tool, quick to set up, inexpensive to host and optimized for small scale needs. It works great in a serverless container when you are just starting to test things.
Search is basic but works well on a few millions rows, If you need TB-scale there are plenty of better suited solutions ✌️
Using DuckDB for log storage is clever—does it stay performant with millions of log entries, or is there a recommended scale limit?
Phare
@jacky0729 low millions is fine, but if you're looking to log billions there's more robust alternative
Sloggo hits a nice balance between simplicity and capability. A single process RFC 5424 compliant syslog collector backed by DuckDB is a compelling alternative to heavyweight logging stacks. The resource friendly design makes it very attractive for edge systems and small infrastructure setups. On the technical side, how do you handle schema evolution and indexing strategies in DuckDB as log formats and volume change over time?