From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-96893-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1MGwCr-0002e4-8K
	for garchives@archives.gentoo.org; Wed, 17 Jun 2009 14:33:42 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id E9284E0511;
	Wed, 17 Jun 2009 14:33:39 +0000 (UTC)
Received: from yw-out-1718.google.com (yw-out-1718.google.com [74.125.46.157])
	by pigeon.gentoo.org (Postfix) with ESMTP id C1A6DE0511
	for <gentoo-user@lists.gentoo.org>; Wed, 17 Jun 2009 14:33:39 +0000 (UTC)
Received: by yw-out-1718.google.com with SMTP id 5so1180886ywm.46
        for <gentoo-user@lists.gentoo.org>; Wed, 17 Jun 2009 07:33:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:in-reply-to:references
         :date:message-id:subject:from:to:content-type;
        bh=3JYNxDi0Z0gtBIzY3kDgUqkpkuxzT1gwCv5YdJ9aZRY=;
        b=aX/BFcILwj5yUrT0Jy3Py4LNT7FpUWcDLoEOSAK6FWBom1VBYB1jYA/rPLSV3+Hb6V
         MZ5DqfKxJw9tMN0e+Cyl3wacXoOhxC5hEKG6DI/Svxi7jLJIasWyTcgd2LrE01Kb+xol
         XuK/dWzPwT6TzY+9oI/63WQdkIM+uYL1t78m4=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        b=xXyJb8Ux8AGkNiYTWoTNyp08avBO2jfEnQQA5gX/r+sfaK1QxA+4FAyd5Fhnt75t/J
         hz3EXrJKT+4FTu5m9+njK9vOPhP9R8Hm/87jQSg1lMrZM0X4yvCd0A5qD1etdUf2bzcK
         O3CAUJCqMlAp0UMWlXqXfIxrhUUKX6GPMRxjM=
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.150.227.4 with SMTP id z4mr1288176ybg.317.1245249219480; Wed, 
	17 Jun 2009 07:33:39 -0700 (PDT)
In-Reply-To: <200906162249.01707.alan.mckinnon@gmail.com>
References: <200906162249.01707.alan.mckinnon@gmail.com>
Date: Wed, 17 Jun 2009 10:33:39 -0400
Message-ID: <642958cc0906170733o3e83e4a3v58c9c38652ff905b@mail.gmail.com>
Subject: Re: [gentoo-user] Sysloggers
From: Mark Shields <laebshade@gmail.com>
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=000e0cd405a26250a5046c8c2d11
X-Archives-Salt: 64b22c17-dda6-4c9b-86ff-1894c6a28a87
X-Archives-Hash: 04bf487a0ad2788714a0e315061d1d53

--000e0cd405a26250a5046c8c2d11
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

On Tue, Jun 16, 2009 at 4:49 PM, Alan McKinnon <alan.mckinnon@gmail.com>wrote:

> Hi,
>
> Does anyone have decent experience with sysloggers other than syslog-ng,
> and
> be willing to share experiences?
>
> I'm especially interested in some of the advanced features of syslog-ng
> Premium from Balabit.com (based on and extending their open source
> version):
>
> SSL-encrypted traffic over the network
> Disk-based buffering on the client
> Windows agents
> Timezone aware (which syslog doesn't do and syslog-ng only partially)
> Encrypted disk files
> Filter, parse and rewrite incoming logs (vital if you need the auth log
> over
> here and the password field stored over there, without jumping through
> hoops
> first)
> High scalability - 2000 Cisco devices and 200+ servers to start,
> distributed
> country wide
>
> --
> alan dot mckinnon at gmail dot com
>
>
syslog-ng is the de facto standard.  Metalog is fine for desktops, but I use
syslog-ng on all my servers.  Nearly all programs that can process log files
are compatible with it.

-- 
- Mark Shields

--000e0cd405a26250a5046c8c2d11
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div class=3D"gmail_quote">On Tue, Jun 16, 2009 at 4:49 PM, Alan McKinnon <=
span dir=3D"ltr">&lt;<a href=3D"mailto:alan.mckinnon@gmail.com">alan.mckinn=
on@gmail.com</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quote" sty=
le=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hi,<br>
<br>
Does anyone have decent experience with sysloggers other than syslog-ng, an=
d<br>
be willing to share experiences?<br>
<br>
I&#39;m especially interested in some of the advanced features of syslog-ng=
<br>
Premium from Balabit.com (based on and extending their open source version)=
:<br>
<br>
SSL-encrypted traffic over the network<br>
Disk-based buffering on the client<br>
Windows agents<br>
Timezone aware (which syslog doesn&#39;t do and syslog-ng only partially)<b=
r>
Encrypted disk files<br>
Filter, parse and rewrite incoming logs (vital if you need the auth log ove=
r<br>
here and the password field stored over there, without jumping through hoop=
s<br>
first)<br>
High scalability - 2000 Cisco devices and 200+ servers to start, distribute=
d<br>
country wide<br>
<font color=3D"#888888"><br>
--<br>
alan dot mckinnon at gmail dot com<br>
<br>
</font></blockquote></div><br>syslog-ng is the de facto standard. =A0Metalo=
g is fine for desktops, but I use syslog-ng on all my servers. =A0Nearly al=
l programs that can process log files are compatible with it.<br clear=3D"a=
ll">
<br>-- <br>- Mark Shields<br>

--000e0cd405a26250a5046c8c2d11--