[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

syslog server

Subject: syslog server
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
Date: Tue, 07 Jun 2016 02:25:12 -0400
In-reply-to: <CADXzBABxoyjB_XxqymhdReX1WubZJfvJSTz3sX72=oe+4C7Dpw@mail.gmail.com>
References: <CADXzBABxoyjB_XxqymhdReX1WubZJfvJSTz3sX72=oe+4C7Dpw@mail.gmail.com>

On Mon, 06 Jun 2016 14:59:51 -0600, Maximino Velazquez said:
> What is the best syslog server  (opensource)?

Step 0:  Define what "best" means in your environment.

What features do you need?  Routing to a central aggregation server over TLS?
Powerful regex-based routing?  Ingestion into a database (a la splunk or Elk)
for data mining?  Ability to deal with insanely high message rates? Other
must-have or don't-care features?  License pricing? Vendor support?

Step 1:  After figuring out what you need, make a matrix of the available
options and how well they fit.

(We have in production syslog-ng, rsyslog, splunk, Elk, and probably a few
others I've forgotten, for different purposes....)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20160607/2d141d46/attachment.pgp>

Follow-Ups:
- syslog server
  - From: shortdudey123 at gmail.com (Grant Ridder)

References:
- syslog server
  - From: mvm at transtelco.net (Maximino Velazquez)

Prev by Date: Netflix VPN detection - actual engineer needed
Next by Date: intra-AS messaging for route leak prevention
Previous by thread: syslog server
Next by thread: syslog server
Index(es):
- Date
- Thread