Can correlate log messages, both real-time and off-line. syslog-ng: I didn’t spend to long here, as I didn’t see any features that I needed that were better than the default of rsyslog.Rainer discusses why TCP isn’t as reliable as many think here. It’s not designed to alert on logs. That’s where the likes of Simple Event Correlator ( SEC) comes in. Rsyslog is great at gathering, transporting, storing log messages and includes some really neat functionality for dividing the logs. There is also the Reliable Event Logging Protocol (RELP) which Rainer created. Rainer Gerhards wrote rsyslog and his blog provides some good insights. I like to do as little as possible and rsyslog fits this description for me. rsyslog: which ships with Debian and most other Linux distros now I believe.The following two offerings are the main players. I didn’t spend long looking at this as there wasn’t much point.
Most Linux distributions no longer ship with this. GNU syslogd which I don’t think is being developed anymore? Correct me if I’m wrong.As part of the ongoing work around preparing a Debian web server to host applications accessible from the The main system loggers I looked into
0 kommentar(er)
