I run a small home lab - number of servers varies from time to time. Currently five, all Linux.
When I heard about log consolidation I imagined that I would get a nice dashboard type view where I could see a consolidated, real time, view of all my server logs go by. Victoria Logs does that for me. I also imagined that there would be a way to flag particular log entries as “normal, and expected” so they would be excluded in the future - the goal being to get this dashboard to a state where if anything appears, it’s probably bad. I can’t see a way to do that in Victoria Logs. Do I need to try harder? If Victoria Logs won’t do it - is there anything that will?
Elastic is heaaaaavy. You might want to check out Loki, I haven’t used it but I think it’d be easier to get started with than Victoria logs since it integrates tightly with grafana