Hi everyone,
I think the title sums it up, but I'll clarify anyway.
So, we would like to pull some information from our networking equipment. Very easily done, but we don't want to store it long term. The data we're looking for, at least right now, is primarily the usage statistics, such as what sites people are visiting most, how much traffic is blocked vs traffic that is allowed, etc.
We approached this with Graylog initially, but we severely underestimated just how much logging data we were dealing with. As it turns out, our networking equipment is very verbose. We aren't committed to storing that much data and Graylog doesn't have a straightforward way to store historical statistics and metadata while discarding or aging out the logs through retention policies.
Does Splunk have a way of accomplishing this? If so, would someone mind telling me the Splunk terminology? I've done some searching online, but I can't seem to find what I'm looking for.
Thank you, everyone.