[Dshield] Syslog Server Software

Timothy A. Holmes tholmes at mcaschool.net
Thu Mar 16 13:45:23 GMT 2006


Thanks for all the responses, im busy looking at options and hope to
have something chosen by later today, Im getting overloaded with
information that I have no way to correlate

The syslog ng option looks good, I just need a way to analyze the data,
as grepping through the logs is not an option due to time restraints

TIM


Timothy A. Holmes
IT Manager / Network Admin / Web Master / Computer Teacher
 
Medina Christian Academy
A Higher Standard...
 
Jeremiah 33:3
Jeremiah 29:11
Esther 4:14

> -----Original Message-----
> From: list-bounces at lists.dshield.org [mailto:list-
> bounces at lists.dshield.org] On Behalf Of Frank Knobbe
> Sent: Wednesday, March 15, 2006 7:30 PM
> To: General DShield Discussion List
> Subject: Re: [Dshield] Syslog Server Software
> 
> On Wed, 2006-03-15 at 09:55 -0500, Harry Hoffman wrote:
> > Syslog-ng is probably your best bet for a central syslog server. I'm
not
> > sure that it has a webbased front end.
> >
> > This article may help:
> > http://www.ip-solutions.net/_articles/lsa.html
> 
> 
> I second the choice of syslog-ng. I got quite a few servers forwarding
> to a central syslog server (with one warm-standby in case of failure)
> which centrally logs into text files, but also to a Postgres database
> (which is also redundant thanks to Slony). Remote servers tunnel
syslog
> via TCP over SSH to the central one. No problems at all, I'm very
happy
> with it.
> 
> Cheers,
> Frank
> 
> --
> It is said that the Internet is a public utility. As such, it is best
> compared to a sewer. A big, fat pipe with a bunch of crap sloshing
> against your ports.





More information about the list mailing list