[ Thanks to Carla Schroder for this link. ]
“Managing Linux system and application logging is important and
a bit tricksy. You want to capture important information, not bales
of noise. You need to be able to find what you want in your logs
without making it your life’s work. The venerable old syslogd has
served nobly for many years, but it’s not quite up to meeting more
complex needs. For this we have the next-generation Linux logger,
syslog-ng.

“Syslog-ng has a number of advantages over our old friend
syslogd: better networking support, highly-configurable filters,
centralized network logging, and lots more flexibility. For
example, with syslogd all iptables messages get dumped in kern.log
along with all the other kernel messages. Syslog-ng lets you direct
iptables messages to a separate logfile. Syslogd uses only UDP;
syslog-ng runs over UDP and TCP, so you can run it over encrypted
network tunnels to a central logging server…”
Complete Story [Part 1]
Complete Story [Part 2]