Logs: log4j or lucene?

Question

Logs: log4j or lucene?

We are building a web application, and my boss insists on using lucene, because the logs will be indexed, and the administrator can search and execute the request after.

But, IMHO, lucene is an indexing API, so I think it’s correct to use it to index things, and not to store logs. An administrator is usually an administrator, not a dumb user. He could open the log files perfectly and search inside it using CTRL + F, for example, a shortcut.

log4j is a log API, so it means that it should be used to log things. I think this is the right choice.

I'm right? What do you think about this? Is there an API that can be used to request a log file?

thanks.

+4

java logging log4j lucene

caarlos0 Jan 27 '12 at 12:50

source share

6 answers

I also agree that you need to use log4j, generate log files and search with ctrl + f, Lucene is not a good choice for this situation.

+6

Xosler Jan 27 '12 at 12:54

source share

Lucene is a text search API, not a framework. I would prefer slf4j . You can use the DB application and then query the results as needed.

+2

Ortwin angermeier Jan 27 '12 at 13:01

source share

Log4j has a JDBC application. This will obviously not update the index. If it’s normal to update the index manually or according to a schedule, that is, not have the ability in real time, then this is a fairly simple setup. If this is unacceptable, you can write your own user who uses Lucene or Hibernate Search. Thus, this is possible, and depending on the amount of search required in the logs, it may even be useful.

But: with this approach, you add extra overhead and possible problems (problems with the database and index). If searching through log files is so common that log files need to be indexed, something else smells.

+2

Hauke Ingmar Schmidt Jan 27 '12 at 13:01

source share

Perhaps your boss is looking for something like splunk (centralized indexing and a good query interface).

Disclaimer: this is a commercial product, and I do not work for them, and I am not connected in any way with the product :)

+2

milan Jan 27 '12 at 13:12

source share

I think the precedent will be the same lucene to facilitate the search and query. In an application that has several different logs, for example, login logs, action logs for a module, action logs in another module, logs privileged actions.

And the request will be possible for users with permission in the system in the form of reports so that they can check the entries.

Still do not know Splunk, can solve this problem

0

fhgomes_ti Jan 30 '12 at 12:48

source share

tuergeist · Accepted Answer · 2012-01-27T12:52:54+0000

Lucene Homepage states: "Apache Lucene (TM) is a high-performance, full-featured text search library written entirely in Java. It is a technology suitable for almost any application that requires full-text search, especially cross-platform."

This is definitely not a framework, and I have not recommended it for this problem. Use log4j to log or distribute loggig with Syslog4j .

Logs: log4j or lucene?

More articles: