In reply to @ttyS1:

My main aim is to create alerting system. Find patterns in the logs and feed it to an external script.

I'd suggest a combination of #syslog-ng, #riemann, #elasticsearch and #collectd. Fabien Wernli wrote a detailed guide on how to set this up: http://devops.com/features/guide-modern-monitoring-alerting/

I'm in the process of setting up something similar, replacing my older, dumber setup.