[Dshield] Syslog Server Software

Jon R. Kibler Jon.Kibler at aset.com
Thu Mar 16 14:28:27 GMT 2006


Frank Knobbe wrote:
> 
> On Wed, 2006-03-15 at 09:55 -0500, Harry Hoffman wrote:
> > Syslog-ng is probably your best bet for a central syslog server. I'm not
> > sure that it has a webbased front end.
> >
> > This article may help:
> > http://www.ip-solutions.net/_articles/lsa.html
> 
> I second the choice of syslog-ng. I got quite a few servers forwarding
> to a central syslog server (with one warm-standby in case of failure)
> which centrally logs into text files, but also to a Postgres database
> (which is also redundant thanks to Slony). Remote servers tunnel syslog
> via TCP over SSH to the central one. No problems at all, I'm very happy
> with it.
> 
> Cheers,
> Frank

Whereas I agree that syslog-ng is a superior capability to syslog, it is not something that most non-senior *nix admins can set up without a lot of struggle. If you want a enterprise-class solution, then go for it. However, most admins I know do not have the day or two (or three or four) needed to set it up the first time, then propagate it to all of their systems, and find that syslogd is adequate.

Jon
-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list