I am trying to come up with a centralized syslog solution and I wanted to hear from other people that have a centralized solution in place. I was thinking about using syslog-ng running on the collection server but I'm not sure how to go about doing the real-time alerting and long-term storage for possible forensics use. I've heard good things about logsurfer, so I was going to explore using this tool http://www.cert.dfn.de/eng/logsurf/ How do I go about gathering syslog data directly into a SQL database in real-time (or near real-time) such as Postgresql, or mysql? Thanks,