什么是用于审核/记录数据库的好的NoSQL和非关系数据库解决方案 [英] What are good NoSQL and non-relational database solutions for audit/logging database

问题描述

什么是合适的数据库?我对您使用非关系型 NoSQL 系统的经验特别感兴趣. 它们对于这种用法，您使用过的系统以及推荐的系统有什么好处，还是我应该使用普通的关系数据库(DB2)?

What would be suitable database for following? I am especially interested about your experiences with non-relational NoSQL systems. Are they any good for this kind of usage, which system you have used and would recommend, or should I go with normal relational database (DB2)?

我需要将审计跟踪/记录类型信息从一堆来源收集到一个 集中式服务器，我可以在其中高效地生成报告并检查系统中正在发生的事情.

I need to gather audit trail/logging type information from bunch of sources to a centralized server where I could generate reports efficiently and examine what is happening in the system.

通常，审核/记录事件通常由一些必填字段组成，例如

Typically a audit/logging event would consist always of some mandatory fields, for example

• 全局唯一ID(某些由生成此事件的程序生成的ID)
• 时间戳
• 事件类型(即用户登录，发生错误等)
• 有关源(server1，server2)的一些信息

另外，该事件可能包含0-N个键值对，其中值可能长达几千个字节.

Additionally the event could contain 0-N key-value pairs, where value might be up to few kilobytes of text.

• 它必须在Linux服务器上运行
• 它应该可以处理大量数据(例如100GB)
• 它应该支持某种有效的全文本搜索
• 它应允许并发读写
• 添加新事件类型并向新事件添加/删除键值对应该是灵活的. Flexible =无需更改数据库架构，生成事件的应用程序可以根据需要添加新的事件类型/新字段.
• 对数据库进行查询应该是高效的.用于报告和探索发生了什么.例如:
  • 在某个时间段内发生了多少个类型为X的事件.
  • 获取所有事件，其中字段A的值为Y.
  • 获取所有类型为X的事件，并且字段A的值为1而字段B的值为2，并且事件发生在最近24小时内
  • It must run on Linux server
  • It should work with high amount of data (100GB for example)
  • it should support some kind of efficient full text search
  • It should allow concurrent reading and writing
  • It should be flexible to add new event types and add/remove key-value pairs to new events. Flexible=no changes should be required to database schema, application generating the events can just add new event types/new fields as needed.
  • it should be efficient to make queries against database. For reporting and exploring what happened. For example:
    • How many events with type=X occurred in some time period.
    • Get all events where field A has value Y.
    • Get all events with type X and field A has value 1 and field B is not 2 and event occurred in last 24h

    推荐答案

    我看到成功使用的两个是 MongoDB 和 Cassandra .

    The two I've seen used successfully are MongoDB and Cassandra.

    这篇关于什么是用于审核/记录数据库的好的NoSQL和非关系数据库解决方案的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！