From: Alan McKinnon
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Sysloggers
Date: Wed, 17 Jun 2009 23:31:24 +0200

On Wednesday 17 June 2009 16:33:39 Mark Shields wrote:
> On Tue, Jun 16, 2009 at 4:49 PM, Alan McKinnon wrote:
> > Hi,
> >
> > Does anyone have decent experience with sysloggers other than syslog-ng,
> > and be willing to share experiences?
> >
> > I'm especially interested in some of the advanced features of syslog-ng
> > Premium from Balabit.com (based on and extending their open source
> > version):
> >
> > SSL-encrypted traffic over the network
> > Disk-based buffering on the client
> > Windows agents
> > Timezone aware (which syslog doesn't do and syslog-ng only partially)
> > Encrypted disk files
> > Filter, parse and rewrite incoming logs (vital if you need the auth log
> > over here and the password field stored over there, without jumping
> > through hoops first)
> > High scalability - 2000 Cisco devices and 200+ servers to start,
> > distributed country wide
> >
> > --
> > alan dot mckinnon at gmail dot com
>
> syslog-ng is the de facto standard. Metalog is fine for desktops, but I
> use syslog-ng on all my servers. Nearly all programs that can process log
> files are compatible with it.

I can't argue with that. I just get a little paranoid about auth logs being
sent (with credentials) over partially-open networks, hence the attraction of
encrypted traffic

--
alan dot mckinnon at gmail dot com