Re: which syslog??? (rsyslog? syslog-ng? or default?)
On Sun, Jan 9, 2011 at 12:52 PM, krad kra...@gmail.com wrote: Ive used syslog-ng for central logging in the past. It support tcp, encryption and logging to a db. To be honest though the most useful feature was that you can expand log files paths to include the date and hostname. This makes backing up of the files far more efficient as you dont have to use newsyslog to rotate them, which is a good thing for backups especially if you use rsync I'm a bit late on this one, I know, but I also use syslog-ng. My favorite feature is the ability to split log files for different hosts into different directories. Very handy for centralized logging. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: which syslog??? (rsyslog? syslog-ng? or default?)
Go for algr, i can't do wrong. On Fri, Jan 7, 2011 at 7:08 PM, Aleksandr Miroslav alexmiros...@gmail.com wrote: I have some boxes (about 40) that I was tasked with creating a centralized logging infrastructure for. I see in ports that we have several different versions of rsyslog, and syslog-ng. Is there any reason to use one or the other? Or should I just use the syslog that come with the base OS? thanks, Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: which syslog??? (rsyslog? syslog-ng? or default?)
On 7 January 2011 22:13, Gary Gatten ggat...@waddell.com wrote: PS: rsyslog can use standard syslog.conf entries, or it has extensions that enable more cool stuff. G -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto: owner-freebsd-questi...@freebsd.org] On Behalf Of Aleksandr Miroslav Sent: Friday, January 07, 2011 3:09 PM To: freebsd-questions@freebsd.org Subject: which syslog??? (rsyslog? syslog-ng? or default?) I have some boxes (about 40) that I was tasked with creating a centralized logging infrastructure for. I see in ports that we have several different versions of rsyslog, and syslog-ng. Is there any reason to use one or the other? Or should I just use the syslog that come with the base OS? thanks, Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org Ive used syslog-ng for central logging in the past. It support tcp, encryption and logging to a db. To be honest though the most useful feature was that you can expand log files paths to include the date and hostname. This makes backing up of the files far more efficient as you dont have to use newsyslog to rotate them, which is a good thing for backups especially if you use rsync ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
which syslog??? (rsyslog? syslog-ng? or default?)
I have some boxes (about 40) that I was tasked with creating a centralized logging infrastructure for. I see in ports that we have several different versions of rsyslog, and syslog-ng. Is there any reason to use one or the other? Or should I just use the syslog that come with the base OS? thanks, Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: which syslog??? (rsyslog? syslog-ng? or default?)
After a bit of research I picked rsyslog. Actually, my syslog servers had to be RHEL, so I have all my logs going to 2 servers; one runs rsyslog and the other the syslogd that shipped with RHEL. They have different retention policies, one keeps about 30 days of logs online, the other about 90 days. Rsyslog has some cool features that may come in handy for a centralized logging environment. I don't use many (any?) of them right now, but it's nice to know they're there. Depending on your environment you may want to check it out. It's really handy if you can replace your sending hosts syslogd with rsyslogd - if the central log server fails it will buffer log entries locally and then ship them when the server comes back up. Also supports tcp based syslog and a couple other lossless protocols. I have mostly Ci$co gear logging here so can't really replace their logging daemon! HTH G -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Aleksandr Miroslav Sent: Friday, January 07, 2011 3:09 PM To: freebsd-questions@freebsd.org Subject: which syslog??? (rsyslog? syslog-ng? or default?) I have some boxes (about 40) that I was tasked with creating a centralized logging infrastructure for. I see in ports that we have several different versions of rsyslog, and syslog-ng. Is there any reason to use one or the other? Or should I just use the syslog that come with the base OS? thanks, Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: which syslog??? (rsyslog? syslog-ng? or default?)
PS: rsyslog can use standard syslog.conf entries, or it has extensions that enable more cool stuff. G -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Aleksandr Miroslav Sent: Friday, January 07, 2011 3:09 PM To: freebsd-questions@freebsd.org Subject: which syslog??? (rsyslog? syslog-ng? or default?) I have some boxes (about 40) that I was tasked with creating a centralized logging infrastructure for. I see in ports that we have several different versions of rsyslog, and syslog-ng. Is there any reason to use one or the other? Or should I just use the syslog that come with the base OS? thanks, Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
