Expanding a bit here: Splunk is free for < 500MB day and has one of the easiest UIs, so you can run on same-node or elsewhere, and deploy via docker to skip most weird setup. So just record syslog, volume mount to a Splunk docker, enable syslog reading + nix metrics, and done. (Too bad no free cloud for the same...)
We work with a ton of log tools as company bringing graph analytics+vis to investogations largely log & event data, and I've increasingly shifted to that when I need easy basics.
We work with a ton of log tools as company bringing graph analytics+vis to investogations largely log & event data, and I've increasingly shifted to that when I need easy basics.