The simplest configuration accepts system logs from /dev/log (from applications or forwarded by systemd) and writes everything to a single file: @version: current @include "scl.conf" log { source { ...

Sloggo is a lightweight log collection and exploration tool. It ingests logs over TCP and UDP using the RFC 5424 Syslog protocol, stores them in DuckDB, and presents them in a clean, modern web UI.