[opensource] syslog and syslog-ng question
Brian Dittmer
dittmer.6 at osu.edu
Wed Oct 25 17:03:29 EDT 2006
An aside:
I've heard of syslog-ng (ng stands for Next Generation...correct?) but
haven't actually used it. Does it offer many benefits over traditional
syslog?
-Brian
Jason Crum wrote:
> Hi there. This is my first email to this list, so if this isn't the proper venue for this kind of question I'll slink back into the shadows.
>
> I'm trying to set up a central logging server for several *nix boxes, most are running Solaris 10 x86 or CentOS 4.3 (or so). I need to insert a unique string in the syslog data these servers send to the central logging server (for those that are interested, it's running Splunk and receiving data from several Windows servers using Snare and several Cisco devices via syslog feeds into FIFOs that are then fed into specific Splunk parsers).
>
> Some of these servers run syslog, others run syslog-ng. If I have to upgrade all of the servers to syslog-ng I can live with that.
>
> With syslog-ng, I think I can insert a string using a template as part of the destination. I haven't tried it yet, but I think I can probably make it work. Aside from using a template, is there a more elegant solution to this using syslog-ng?
>
> Also, is there a way to insert a string into syslog (not syslog-ng) data?
>
> Thanks in advance.
>
> -jc
> _______________________________________________
> Opensource mailing list
> Opensource at cse.ohio-state.edu
> http://mail.cse.ohio-state.edu/mailman/listinfo/opensource