From: Mark Shields
To: gentoo-user@lists.gentoo.org
Date: Wed, 17 Jun 2009 10:33:39 -0400
Subject: Re: [gentoo-user] Sysloggers
Message-ID: <642958cc0906170733o3e83e4a3v58c9c38652ff905b@mail.gmail.com>
In-Reply-To: <200906162249.01707.alan.mckinnon@gmail.com>

On Tue, Jun 16, 2009 at 4:49 PM, Alan McKinnon wrote:
> Hi,
>
> Does anyone have decent experience with sysloggers other than syslog-ng, and
> be willing to share experiences?
>
> I'm especially interested in some of the advanced features of syslog-ng
> Premium from Balabit.com (based on and extending their open source version):
>
> SSL-encrypted traffic over the network
> Disk-based buffering on the client
> Windows agents
> Timezone aware (which syslog doesn't do and syslog-ng only partially)
> Encrypted disk files
> Filter, parse and rewrite incoming logs (vital if you need the auth log over
> here and the password field stored over there, without jumping through hoops
> first)
> High scalability - 2000 Cisco devices and 200+ servers to start, distributed
> country wide
>
> --
> alan dot mckinnon at gmail dot com

syslog-ng is the de facto standard. Metalog is fine for desktops, but I use syslog-ng on all my servers. Nearly all programs that can process log files are compatible with it.

--
- Mark Shields