From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from <gentoo-user+bounces-96893-garchives=archives.gentoo.org@lists.gentoo.org>) id 1MGwCr-0002e4-8K for garchives@archives.gentoo.org; Wed, 17 Jun 2009 14:33:42 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E9284E0511; Wed, 17 Jun 2009 14:33:39 +0000 (UTC) Received: from yw-out-1718.google.com (yw-out-1718.google.com [74.125.46.157]) by pigeon.gentoo.org (Postfix) with ESMTP id C1A6DE0511 for <gentoo-user@lists.gentoo.org>; Wed, 17 Jun 2009 14:33:39 +0000 (UTC) Received: by yw-out-1718.google.com with SMTP id 5so1180886ywm.46 for <gentoo-user@lists.gentoo.org>; Wed, 17 Jun 2009 07:33:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=3JYNxDi0Z0gtBIzY3kDgUqkpkuxzT1gwCv5YdJ9aZRY=; b=aX/BFcILwj5yUrT0Jy3Py4LNT7FpUWcDLoEOSAK6FWBom1VBYB1jYA/rPLSV3+Hb6V MZ5DqfKxJw9tMN0e+Cyl3wacXoOhxC5hEKG6DI/Svxi7jLJIasWyTcgd2LrE01Kb+xol XuK/dWzPwT6TzY+9oI/63WQdkIM+uYL1t78m4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=xXyJb8Ux8AGkNiYTWoTNyp08avBO2jfEnQQA5gX/r+sfaK1QxA+4FAyd5Fhnt75t/J hz3EXrJKT+4FTu5m9+njK9vOPhP9R8Hm/87jQSg1lMrZM0X4yvCd0A5qD1etdUf2bzcK O3CAUJCqMlAp0UMWlXqXfIxrhUUKX6GPMRxjM= Precedence: bulk List-Post: <mailto:gentoo-user@lists.gentoo.org> List-Help: <mailto:gentoo-user+help@lists.gentoo.org> List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org> List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org> List-Id: Gentoo Linux mail <gentoo-user.gentoo.org> X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.150.227.4 with SMTP id z4mr1288176ybg.317.1245249219480; Wed, 17 Jun 2009 07:33:39 -0700 (PDT) In-Reply-To: <200906162249.01707.alan.mckinnon@gmail.com> References: <200906162249.01707.alan.mckinnon@gmail.com> Date: Wed, 17 Jun 2009 10:33:39 -0400 Message-ID: <642958cc0906170733o3e83e4a3v58c9c38652ff905b@mail.gmail.com> Subject: Re: [gentoo-user] Sysloggers From: Mark Shields <laebshade@gmail.com> To: gentoo-user@lists.gentoo.org Content-Type: multipart/alternative; boundary=000e0cd405a26250a5046c8c2d11 X-Archives-Salt: 64b22c17-dda6-4c9b-86ff-1894c6a28a87 X-Archives-Hash: 04bf487a0ad2788714a0e315061d1d53 --000e0cd405a26250a5046c8c2d11 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit On Tue, Jun 16, 2009 at 4:49 PM, Alan McKinnon <alan.mckinnon@gmail.com>wrote: > Hi, > > Does anyone have decent experience with sysloggers other than syslog-ng, > and > be willing to share experiences? > > I'm especially interested in some of the advanced features of syslog-ng > Premium from Balabit.com (based on and extending their open source > version): > > SSL-encrypted traffic over the network > Disk-based buffering on the client > Windows agents > Timezone aware (which syslog doesn't do and syslog-ng only partially) > Encrypted disk files > Filter, parse and rewrite incoming logs (vital if you need the auth log > over > here and the password field stored over there, without jumping through > hoops > first) > High scalability - 2000 Cisco devices and 200+ servers to start, > distributed > country wide > > -- > alan dot mckinnon at gmail dot com > > syslog-ng is the de facto standard. Metalog is fine for desktops, but I use syslog-ng on all my servers. Nearly all programs that can process log files are compatible with it. -- - Mark Shields --000e0cd405a26250a5046c8c2d11 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div class=3D"gmail_quote">On Tue, Jun 16, 2009 at 4:49 PM, Alan McKinnon <= span dir=3D"ltr"><<a href=3D"mailto:alan.mckinnon@gmail.com">alan.mckinn= on@gmail.com</a>></span> wrote:<br><blockquote class=3D"gmail_quote" sty= le=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"> Hi,<br> <br> Does anyone have decent experience with sysloggers other than syslog-ng, an= d<br> be willing to share experiences?<br> <br> I'm especially interested in some of the advanced features of syslog-ng= <br> Premium from Balabit.com (based on and extending their open source version)= :<br> <br> SSL-encrypted traffic over the network<br> Disk-based buffering on the client<br> Windows agents<br> Timezone aware (which syslog doesn't do and syslog-ng only partially)<b= r> Encrypted disk files<br> Filter, parse and rewrite incoming logs (vital if you need the auth log ove= r<br> here and the password field stored over there, without jumping through hoop= s<br> first)<br> High scalability - 2000 Cisco devices and 200+ servers to start, distribute= d<br> country wide<br> <font color=3D"#888888"><br> --<br> alan dot mckinnon at gmail dot com<br> <br> </font></blockquote></div><br>syslog-ng is the de facto standard. =A0Metalo= g is fine for desktops, but I use syslog-ng on all my servers. =A0Nearly al= l programs that can process log files are compatible with it.<br clear=3D"a= ll"> <br>-- <br>- Mark Shields<br> --000e0cd405a26250a5046c8c2d11--