Tracy R Reed wrote:
> Michael O'Keefe wrote:
>> You think about running syslog-ng on a single machine, taking the logs from the 2 remote machines?
>
> I have often pondered syslog-ng but I don't quite see the point. What does it do that normal syslog doesn't do and why don't any distros such as RHEL package syslog-ng by default? And how do you handle remote machines? Do they have to VPN their logs in?

It has a much better filtering mechanism than syslog.
syslog can only decide where a log goes based on 2 params, the facility (auth, authpriv, cron, daemon, kern, lpr, mail, mark, news, security (same as auth), syslog, user, uucp and local0 through local7) or priority (debug, info, notice, warning, warn (same as warning), err, error (same as err), crit, alert, emerg, panic (same as emerg)).

You can use regular expressions with syslog-ng to decide where the information goes, including where the log came from if you're using a central logging server.

Regular syslog can take logs from remote machines; that feature has been there for a long time - port 514/udp.


--
Michael O'Keefe                      |          [EMAIL PROTECTED]
Live on and Ride an 06 BMW R12GS HP2 |          [EMAIL PROTECTED]      / |
I like less more or less less than   |Work:+1 858 845 3514        /  |
more. UNIX-live it,love it,fork() it |Fax :+1 858 845 2652       /_p_|
My views are MINE ALONE, blah, blah, |Home:+1 760 788 1296       \`O'|
blah, yackety yack - don't come back |Fax :+1 858                _/_\|_,


--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
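
The difference described in the message above, as an added example that is not part of the original post and is not syslog or syslog-ng code: a small Python model of a central log receiver that routes the same messages once by a classic `facility.priority` selector and once by a regular expression on the sending host and the message text. The rule lists, host names and destination paths are constructed for illustration.

```python
import re

# Facility and severity numbering from the syslog protocol (RFC 3164/5424).
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv"]
FACILITY_CODE = {name: i for i, name in enumerate(FACILITIES)}
FACILITY_CODE.update({f"local{i}": 16 + i for i in range(8)})
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
SEVERITY_CODE = {name: i for i, name in enumerate(SEVERITIES)}

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

def parse(raw):
    """Split '<PRI>text' into (facility code, severity code, text)."""
    m = PRI_RE.match(raw)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or out-of-range PRI")
    pri = int(m.group(1))
    return pri >> 3, pri & 7, m.group(2)   # PRI = facility * 8 + severity

def selector_match(selector, facility, severity):
    """Classic selector 'facility.priority': that priority or more severe."""
    fac, prio = selector.split(".")
    return (fac == "*" or FACILITY_CODE[fac] == facility) and severity <= SEVERITY_CODE[prio]

def route(raw, host, selector_rules, filter_rules):
    """Return (destinations by selector, destinations by host/message regex)."""
    facility, severity, text = parse(raw)
    classic = [dest for sel, dest in selector_rules
               if selector_match(sel, facility, severity)]
    filtered = [dest for host_re, msg_re, dest in filter_rules
                if re.search(host_re, host) and re.search(msg_re, text)]
    return classic, filtered

# Constructed sample rules and messages (hosts, paths and addresses are made up).
SELECTOR_RULES = [("authpriv.info", "/var/log/secure"), ("*.err", "/var/log/errors")]
FILTER_RULES = [(r"^web\d+$", r"Failed password", "/var/log/central/web-auth-failures")]
SAMPLES = [
    ("web01", "<86>sshd[411]: Failed password for root from 192.0.2.7 port 4022 ssh2"),
    ("web01", "<86>sshd[412]: Accepted publickey for deploy from 192.0.2.9 port 5100 ssh2"),
    ("db01", "<86>sshd[98]: Failed password for root from 192.0.2.7 port 4100 ssh2"),
]

if __name__ == "__main__":
    for host, raw in SAMPLES:
        print(host, route(raw, host, SELECTOR_RULES, FILTER_RULES))
```

All three sample messages carry the same facility and priority (authpriv.info), so the selector sends them all to one file; only the host and content filter separates the failed logins on the web hosts from the rest.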