the network devices need to be able to log to a remote syslog server, so the requirement falls on the network devices more than it falls on the syslog-ng server. regarding the second point, if one has devices across the globe logging to a central logging server, and the network links between the devices that log and the syslog-ng server is broken, i don't see how this requirement might be met. depending on the network architecture, i might have had each 'region' logging to its own highly available syslog-ng server, and sync/copy those logs to a central server/location once a while. the third requirement might be met by the periodic syncing of the logs from various syslog-ng servers across the 'regions'. i would think it depends largely on how reliable the network links are on the whole network architecture as a whole, and plan with that in consideration. also to note is that remote logging usually happens over UDP, which is unreliable by design. On Thu, 2007-05-24 at 22:37 +0530, Raghu (Lists) wrote:
Hi all,
I am working on a project to build distributed syslog-ing system for a very lager enterprise with offices all across the globe. Below are the main objectives:
1. Support for primarily network devices, like ciscos, netscreens, junipers etc 2. Minimum or no loss of messages when network fails 3. Central storage of all syslog messages
Could you please give me your ideas or point me to any documentation that deals with such designs?
Thank you! _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
-- Hiren Patel ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail and its contents are subject to the Telkom SA Limited e-mail legal notice available at http://www.telkom.co.za/TelkomEMailLegalNotice.PDF ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~