Am 19.08.2016 um 12:44 schrieb Andreas Kretschmer:
> Thomas Güttler <guettliml@thomas-guettler.de> wrote:
>
>>> How will you be using the logs? What kind of queries? What kind of searches?
>>> Correlating events and logs from various sources could be really easy with joins, count and summary operations.
>>
>> Wishes raise with possibilities. First I want to do simple queries about
>> hosts and timestamps. Then some simple substring matches.
>
> for append-only tables like this consider 9.5 and BRIN-Indexes for
> timestamp-searches. But if you deletes after N weeks BRIN shouldn't work
> properly because of vacuum and re-use of space within the table.
> Do you know BRIN?
>
> So, in your case, consider partitioning, maybe per month. So you can
> also avoid mess with table and index bloat.
Thank you very much for these hints. I did not know BRIN before.
> Greetings from Dresden to Chemnitz (is this still valid?)
Yes, I am in Chemnitz/Germany. Everything (kids, wife, friends, sports, job) is fine.
I hope the same with you?
Regards,
Thomas Güttler
--
Thomas Guettler http://www.thomas-guettler.de/
