syslog-ng to replace syslogd
nathan r. hruby
nhruby at uga.edu
Sat Aug 21 01:00:56 UTC 2004
On Fri, 20 Aug 2004, seth vidal wrote:
> Which is why I advocate bringing in syslog-ng, if not as a replacement
> at least as an option for a syslog daemon.
I would be ok with it as an alternative or in Extras.
>
> syslog-ng supports regexs on logs, splitting on hostname, separate
> scripts per instance, tcp, alternate ports, stunnel wrapping of the
> whole daemon.
>
Yes, it certainly rocks. However, the config syntax is decidedly *not*
user friendly. I have seen experienced admins goof up plain 'ol sysklogd
config syntax and I can see their mind boggle at syslog-ng's syntax, much
less some newbie or fancy-pants DBA. I think it'd be a large support load
and awful harsh transition for a good number of people, sysklogd currently
mimics the general feel of syslog.conf on a good number of other
platforms....
My suggestions (in no order of importance):
- ship syslog-ng as an alternative or in extras
- ship a syslog-ng config editor that makes things easy for the 80% of the
people in the world who aren't using central syslogging.
- Find / support / ship an alternate secure and robust syslogd that is
easy on the end user (I offered metalog as an example, but there many
others too)
- Write a new *client* end syslogd that has all the features a client
would need but is still small and easy to configure for local logging,
allowing people to use something with higher power on central servers.
(this, I think, as an excellent side project should someone want to
cover it because there's nothing like this presently)
> it's head and shoulders above syslogd and I can personally say I've been
> running it on our central loghost for > 4 yrs now w/o a problem.
>
Right, but that's the problem. Not everyone (or every box) is running as
a syslog server, which is where most of syslog-ng's power shines. For the
end user or small shop this is overload.
Am I saying this will never work? No. But the transition isn't as easy
as replacing X with Y for a lot of people. Thought needs to go into the
transition and end product as well as security.
-n
--
-------------------------------------------
nathan hruby <nhruby at uga.edu>
uga enterprise information technology services
production systems support
metaphysically wrinkle-free
-------------------------------------------
More information about the fedora-devel-list
mailing list