Circolog proposes a different approach to the problem of having useful logs.

Circolog is a syslog server which doesn't write to disk. Ever. It doesn't consume tons of RAM like elasticsearch/logstash, nor does it give you plots and a very long history. It is however a very useful tool when you want to minimize disk writes. We wrote it thinking about user privacy: your logs can be just as sensitive as your database if you log too much!

[Spiegone su casi d'uso, buttare i log, debuggare rapidamente magari applicazioni verbose, eccetera]

Why it is cool in 2 minutes

circolog-tail -where 'prog=="apache" and msg LIKE "%memory%"'
circolog-tail -where '(prog=="apache" OR prog LIKE "php%") AND msg LIKE "%memory%"'
circolog-tail -where 'prog=="mysql" OR sev >= warning'

Security considerations

While we try our best not to introduce vulnerabilities, this software is not meant to be exposed on the wider internet. Beware of binding it on something different from localhost.

Even without being exposed, care must be given to socket permissions: don't let unprivileged users read your logs! We suggest that you use a dedicated user/group to run circolog, and make root part of that group.