Been sending various logs to loggly.com the past few weeks using their 30-day trial to see how they do.
If you want to send them logs, you do have to configure some things on the source host before Loggly will consume logs such as syslog; however, it’s pretty straightforward and easy to set up.
They do have some preconfigured apps that you can use for log reporting on logs from Linux syslog, Windows events, nginx, etc., so that’s pretty cool.
And they do have the ability to create custom searches that can then in turn be used for alerting purposes.
So for example you can set up a search for successful SSH logins and then use that as an alert to let you know someone has just successfully logged in using SSH.
You can also archive logs to Amazon S3 if you like as well.
Unfortunately, this is all with the trial version of the Enterprise plan, so I’m not sure if I can get features like archiving and alerting on the less expensive plans. I have asked to find out, however.
Update: I ended up chatting with them by email and getting a custom package. 1 GB daily limit, email alerting and S3 log archiving for like $80/month. Not bad given that I am using it pretty extensively now for website logging, honeypot logging and other general syslog events.
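To make the successful-SSH-login alert mentioned above concrete, here is an added example (not from the original post and not Loggly's query syntax) of the same detection run locally over syslog lines. The sample lines, host names and the `TRUSTED_NETS` allowlist are constructed assumptions.

```python
import ipaddress
import re

# OpenSSH success message, anchored directly after the "sshd[pid]: " tag so that a
# failure line carrying a crafted username ("Accepted password for ...") cannot match.
ACCEPTED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssshd\[\d+\]:\s"
    r"Accepted\s(?P<method>\S+)\sfor\s(?P<user>\S+)\sfrom\s(?P<ip>\S+)\sport\s(?P<port>\d+)"
)

# Hypothetical allowlist: logins from these networks are recorded but not alerted on.
TRUSTED_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample syslog lines (documentation address ranges only).
SAMPLE = [
    "Mar  3 10:15:02 web01 sshd[2211]: Accepted publickey for deploy from 10.1.2.3 port 50122 ssh2",
    "Mar  3 10:16:40 web01 sshd[2230]: Failed password for root from 203.0.113.5 port 40022 ssh2",
    "Mar  3 10:17:05 web01 sshd[2231]: Invalid user Accepted password for root from 198.51.100.9 port 1 from 203.0.113.5 port 40023",
    "Mar  3 10:18:11 web01 sshd[2240]: Accepted password for admin from 203.0.113.5 port 40100 ssh2",
    "Mar 12 02:01:09 hp01 sshd[901]: Accepted password for root from 2001:db8::1 port 51000 ssh2",
]

def successful_logins(lines):
    """Return one dict per genuine 'Accepted ...' sshd line, tagged trusted or not."""
    events = []
    for line in lines:
        m = ACCEPTED.match(line)
        if not m:
            continue
        ev = m.groupdict()
        try:
            addr = ipaddress.ip_address(ev["ip"])
            ev["trusted"] = any(addr in net for net in TRUSTED_NETS)
        except ValueError:
            ev["trusted"] = False  # unparsable source address: treat as untrusted
        events.append(ev)
    return events

def alerts(lines):
    """Alert text for every successful login that came from outside TRUSTED_NETS."""
    return [
        f"{e['ts']} {e['host']}: SSH login {e['user']} via {e['method']} from {e['ip']}"
        for e in successful_logins(lines)
        if not e["trusted"]
    ]

if __name__ == "__main__":
    for a in alerts(SAMPLE):
        print(a)
```
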