Actually yes. I use syslog-ng to log from about 1500 sources. Most of it is not real intense, but I get around 5 gigabytes per day. I use every facility. Some of the facilities are used for more than one program. Which before syslog-ng wasn't possible to do. The granularity I get from syslog-ng is considerably better than syslogd and my life is much simpler for it. Because of our security processes the logging from the routers used to go three places, our security people, our sysadmins, and our management tools. The router was sending every message three times. Now they go to our central system and the logs that need to go to the security people are forwarded to them and the same with our management tools, with the correct host name. And the traffic is much less over the WAN. Which was the goal of the exercise. I would say for us that syslog-ng has been very successful. Thanks
-----Original Message----- From: Balazs Scheidler [SMTP:bazsi@balabit.hu] Sent: Friday, November 17, 2000 11:52 AM To: syslog-ng@lists.balabit.hu Subject: Re: [syslog-ng]Odd problem
hostname, gw1, ts1, etc. This is insufficient since we have over 1100 routers to maintain. There are many gw1's and gw2's, etc. As soon as I turned on use_fqdn and started getting the domain name added on, which is sufficient to identify the source, all is great from my perspective.
I'd be interested if syslog-ng is used to collect all logs from these routers. If yes, I think we found a great success story :)
-- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 url: http://www.balabit.hu/pgpkey.txt
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng
participants (1)
-
Hamilton, Andrew Mr.