7 Jun 2016, 2:25 a.m.
On Mon, 06 Jun 2016 14:59:51 -0600, Maximino Velazquez said:
> What is the best syslog server (opensource)?
Step 0: Define what "best" means in your environment. What features do you need? Routing to a central aggregation server over TLS? Powerful regex-based routing? Ingestion into a database (a la splunk or Elk) for data mining? Ability to deal with insanely high message rates? Other must-have or don't-care features? License pricing? Vendor support?

Step 1: After figuring out what you need, make a matrix of the available options and how well they fit.

(We have in production syslog-ng, rsyslog, splunk, Elk, and probably a few others I've forgotten, for different purposes....)