Q10 Syslog is a standard for sending and receiving notification messagesin a particular formatfrom various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics and more. In terms of its built-in severity level, it can communicate a range between level 0, an Emergency, level 5, a Warning, System Unstable, critical and level 6 and 7 which are Informational and Debugging.

Syslog messages are usually stored in NoSQL for batch processing. And typically one would want to (i) identify critical messages as they occur, (ii) view the most critical events for a particular day and (iii) view all events generated by a one critical network component. Propose an architecture for responding to the needs stated above. A particular attention should be paid to the storage solution in order to answer both need (ii) and (iii) efficiently.