syslog server

Andrew Kirch trelane at trelane.net
Wed Jun 8 01:04:34 UTC 2016


Journald is excellent. The binary storage format is a huge leap forward.

Andrew

On Tuesday, June 7, 2016, Grant Ridder <shortdudey123 at gmail.com> wrote:

> +1 for ELKK (with kafka)
> Doing several hundred GB of log per day with a dozen instances on AWS (ES
> cluster + logstash hosts + kafka cluster)
>
> -Grant
>
> On Mon, Jun 6, 2016 at 11:25 PM, <Valdis.Kletnieks at vt.edu> wrote:
>
> > On Mon, 06 Jun 2016 14:59:51 -0600, Maximino Velazquez said:
> > > What is the best syslog server  (opensource)?
> >
> > Step 0:  Define what "best" means in your environment.
> >
> > What features do you need?  Routing to a central aggregation server over TLS?
> > Powerful regex-based routing?  Ingestion into a database (a la splunk or Elk)
> > for data mining?  Ability to deal with insanely high message rates? Other
> > must-have or don't-care features?  License pricing? Vendor support?
> >
> > Step 1:  After figuring out what you need, make a matrix of the available
> > options and how well they fit.
> >
> > (We have in production syslog-ng, rsyslog, splunk, Elk, and probably a few
> > others I've forgotten, for different purposes....)
> >
> >
>



More information about the NANOG mailing list