[syslog-ng] Syslog-NG OSE : a more and more difficult choice to make.

Evan Rempel erempel at uvic.ca
Thu Aug 12 17:20:46 CEST 2010


For me, the most compelling differences in favoe of syslog-ng are;

1. Streaming live logs to an application. In our environment we stream the
    logs into applications that identify critical events adn then send the events into nagios
    for alerting, acknowledgement and reporting. We also send critical events into
    out trouble ticket system. Intrusion detection etc.

2. The ability to have the pattern database. it isn't just about collecting logs. Anyone
    can do that. Its about mining the logs for the important things, and the
    unknown things. The pattern database is critical in this effort.

Evan Rempel


syslogng at feystorm.net wrote:
> Well I dont know what all features rsyslog has, but syslog-ng has all 
> the ones you mentioned. The sql support and solaris are both available 
> in the OSE, and the disk based buffering is available in PE. What does 
> rsyslog have that syslog-ng doesnt? Just curious.
> 
> -Patrick
> 
> Sent: Thursday, August 12, 2010 9:00:46 AM
> From: Christophe Brocas <christophe.brocas at cnamts.fr>
> To: syslog-ng at lists.balabit.hu
> Subject: [syslog-ng] Syslog-NG OSE : a more and more difficult choice 
> to    make.
>> Hello everybody,
>>
>> I really enjoy the syntax, the stability, the flexibility and the so
>> clear and accurate documentation of Syslog-NG OSE. This is why I write
>> this post, I love the product, my message is definitively not a troll.
>>
>> Despite above positive aspects, it is more and more difficult to choose
>> Syslog-NG OSE in corporate environment where you have Linux platforms
>> and others Unix flavors. Rsyslog comes with security and performance
>> features (sql driver, disk based bufferring, Solaris port etc) inside
>> whose can only be acquired through Premium Syslog-NG Edition.
>>
>> If in the future, Rsyslog provides an AIX port on PPC architecture, I
>> really think it will be an ended story for Syslog-NG on corporate
>> environment : it will no more exist a technical reason to stay with an
>> open source under powered solution like Syslog-NG OSE or to buy a
>> solution while it exists an opensource solution with same / more features.
>>
>> I really understand everybody has to earn its life, really. But the
>> current situation in the open source syslog products area is quite
>> difficult for Syslog-NG, that's why I wanted to point the above facts in
>> corporate environment out to you. I don't know how to do : more
>> appliances, more closed products, more consulting ... but the 2 flavors
>> (free and paid) of Syslog-NG are imho an each day harder choice to defend.
>>
>> It is the message from a Syslog-NG user that would like to be able to
>> promote and use it in its company for a long time.
>>
>> Thank you for your reading.
>>
>> Bye
>> Christophe
>>
>>   


-- 
Evan Rempel
Senior Systems Administrator                 250.721.7691
Unix Services, University Systems, University of Victoria


More information about the syslog-ng mailing list