Logstash vs Riemann: What are the differences?
Developers describe Logstash as "Collect, Parse, & Enrich Data". Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching). If you store them in Elasticsearch, you can view and analyze them with Kibana. On the other hand, Riemann is detailed as "A network monitoring system". Riemann aggregates events from your servers and applications with a powerful stream processing language. Send an email for every exception in your app. Track the latency distribution of your web app. See the top processes on any host, by memory and CPU.
Logstash can be classified as a tool in the "Log Management" category, while Riemann is grouped under "Network Monitoring".
Some of the features offered by Logstash are:
- Centralize data processing of all types
- Normalize varying schema and formats
- Quickly extend to custom log formats
On the other hand, Riemann provides the following key features:
- See your system at a glance with a Sinatra app
- Throttle or roll up multiple events into a single message
- Forward any event stream to Graphite
"Free" is the primary reason why developers consider Logstash over the competitors, whereas "Sophisticated stream processing DSL" was stated as the key factor in picking Riemann.
Logstash and Riemann are both open source tools. It seems that Logstash with 10.3K GitHub stars and 2.78K forks on GitHub has more adoption than Riemann with 3.78K GitHub stars and 509 GitHub forks.