In the Zenoss How-to http://www.zenoss.com/community/docs/howtos/ there are to ways of dealing with syslog on Zenoss. Maybe using Syslog-NG to gather and filter the severity of the logs and pass to Zenoss the interesting traffic could be a way.
Besides using Splunk (it is awesome but limited in free edition), check OSSEC. The functionality will be hard to beat and it is FREE Open Source. Another way of consolidating logs will be by using Prelude LML or OSSIM. Prelude can consolidate pretty much any type of log and correlate them. OSSIM can consolidate syslog and agent forwards but for correlation against each other and like 17 other tools. It is a little more complex than Prelude but with more features. -------------------- m2f -------------------- Read this topic online here: http://forums.zenoss.com/viewtopic.php?p=26494#26494 -------------------- m2f -------------------- _______________________________________________ zenoss-users mailing list [email protected] http://lists.zenoss.org/mailman/listinfo/zenoss-users
