Martin -

> in short, what do you need the Kiwi servers for?

The (8) Kiwi boxes terminate Kiwi Secure Tunnel connections from 1450 locations, where the 9000 devices reside. I've thought about sending the streams from the Kiwis directly to the Envision boxes, but I never know which Kiwi the stream from location 1234 will come from so I will not know which RSA it will end up in. (The F5s distribute the connections, the originating systems reboot every night, who knows where the tunnel will end up from one day to another.) We cannot exceed 3500 individual devices on the RSAs, so we have to be able to explicitly control the streams, thus syslog-ng :-)

All I DO know is that the originating IP is always in the syslog message, so if I can match on a characteristic that will evenly split the streams I am good to go.

Thanks,

Phil

Notice: This e-mail message and its attachments are the property of Wendy's/Arby's Group Inc. 
or one of its subsidiaries and may contain confidential or legally privileged information intended
solely for the use of the addressee(s). If you are not an intended recipient, then any use, copying or
distribution of this message or its attachments is strictly prohibited. If you received this message in
error, please notify the sender and delete this message entirely from your system.