LOGalyze can collect or receive any kind of data via its Collectors. Collectors gather (active) or receive (passive) data from outside, parse the incoming data at a low level (transport protocol and data format), and forward the resulting objects to the Log Definitions. Log Definitions identify the data based on a pattern or a logical expression, do some basic parsing, generate metadata, and store and index the raw log.
LOGalyze can collect data from the following sources:
- syslog clients (syslogd, syslog-ng, rsyslog, Snare, nxlog, etc.)
- database (collects and analyzes data from an SQL query)
- network socket + TXT format
- network socket + JSON format
- SNMP trap
To gather or receive data from outside, you have to define at least one Collector and start it. See the next chapter for details: Collectors.
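The two-stage split described above (a Collector parses only transport and data format, a Log Definition then identifies the log by pattern and produces metadata) can be sketched as follows. This is an added illustration, not LOGalyze code or its API: the function names, the `sshd_failed_login` definition, its regular expression and the sample log lines are all assumptions constructed for the example.

```python
import json
import re

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)  # syslog PRI = facility * 8 + severity

# Constructed sample inputs (documentation-range addresses), not real logs.
SAMPLE_SYSLOG = b"<38>Oct 11 22:14:15 web01 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40022 ssh2\n"
SAMPLE_JSON = b'{"host": "web01", "message": "sshd[812]: Failed password for root from 203.0.113.9 port 51122 ssh2"}'

def collect(raw: bytes, data_format: str) -> dict:
    """Collector stage: decode the payload and parse the data format only."""
    text = raw.decode("utf-8", errors="replace").rstrip("\r\n")
    record = {"raw": text, "format": data_format, "message": text}
    if data_format == "syslog":
        m = PRI_RE.match(text)
        if m and int(m.group(1)) <= 191:  # highest valid PRI: facility 23, severity 7
            pri = int(m.group(1))
            record.update(facility=pri >> 3, severity=pri & 7, message=m.group(2))
    elif data_format == "json":
        try:
            obj = json.loads(text)
        except json.JSONDecodeError:
            obj = None
        if isinstance(obj, dict):
            record.update(fields=obj, message=str(obj.get("message", "")))
        else:
            record["format"] = "txt"  # malformed JSON: keep the raw line as plain text
    return record

# Hypothetical Log Definition: a name plus the pattern that identifies the log.
LOG_DEFINITIONS = [
    ("sshd_failed_login", re.compile(
        r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src_ip>\S+)")),
]

def identify(record: dict) -> dict:
    """Log Definition stage: match a pattern, emit metadata, keep the raw log."""
    for name, pattern in LOG_DEFINITIONS:
        m = pattern.search(record["message"])
        if m:
            return {"definition": name, "metadata": m.groupdict(), "raw": record["raw"]}
    return {"definition": "unclassified", "metadata": {}, "raw": record["raw"]}

if __name__ == "__main__":
    for raw, fmt in ((SAMPLE_SYSLOG, "syslog"), (SAMPLE_JSON, "json"), (b"backup job finished", "txt")):
        print(identify(collect(raw, fmt)))
```

Because format parsing happens before identification, the same definition matches the failed login whether it arrives as syslog or as JSON, and input that fails to parse is retained as raw text rather than dropped.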