Syslog-NG Installation
DrModiford (Initial guide for Syslog-NG)
DrModiford m (Formatting issue)
Revision as of 06:29, 6 June 2008
The Syslog-NG, or System Log Next-Generation, service is an updated version of the default Syslog service found on FreeBSD and other UNIX and Unix-like systems (a paid-for version exists for Microsoft operating systems). Enhancements include the ability to filter content, various methods of storing information, including separate files-per-device or MySQL databases, and, perhaps a key feature, the addition of TCP for transportation of events (typically UDP is used on basic Syslog services).
The source code for Syslog-NG was used to create a commercial product maintained by Balabit (http://www.balabit.com/network-security/syslog-ng/) under the name Syslog-NG Premium Edition. This is a paid-for-support version of the free Syslog-NG code and revenue from it is used to fund development of the free edition.
Purpose
For a background on the default Syslog service installed on FreeBSD see the main Syslog article. The following is an explanation of the purpose of Syslog-NG specifically.
The purpose of installing and utilising Syslog-NG becomes apparent when you begin to monitor Syslog events from multiple servers (and other network-attached Syslog-capable devices) and require a centralised way to do so. Furthermore, the ability to easily track, view and manage Syslog events is important. The enhancements made to Syslog-NG permit this functionality.
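As an added illustration (not part of the original guide), the following syslog-ng configuration for a central log host combines the enhancements described above: a TCP listener alongside UDP, content filtering and one file per sending device. The object names, the listening port, the filter rule and the /var/log/remote path are assumptions chosen for the example.

```conf
# Added example for a central log host; names, paths and the filter are assumptions.
# syslog-ng 3.x and later also require an "@version:" first line matching the
# installed release.

options {
    keep_hostname(no);    # set $HOST from the sender's address, not from the message text
    use_dns(no);          # $HOST is then the sender's IP; no DNS lookup per message
    chain_hostnames(no);  # keep $HOST a single name so it is safe to use in a path
    create_dirs(yes);     # create the per-device directories on first use
};

# Accept events from the network: TCP in addition to the traditional UDP.
source s_net {
    tcp(ip(0.0.0.0) port(514) max_connections(100));
    udp(ip(0.0.0.0) port(514));
};

# Filtering: keep warnings and worse, plus everything from the auth facilities.
filter f_keep {
    level(warning..emerg) or facility(auth, authpriv);
};

# Storage: one directory per sending device, one file per day.
destination d_per_device {
    file("/var/log/remote/$HOST/$YEAR-$MONTH-$DAY.log" perm(0640));
};

log { source(s_net); filter(f_keep); destination(d_per_device); };

# On each sending host a matching destination would look like this
# (192.0.2.10 is a documentation address standing in for the log host):
# destination d_central { tcp("192.0.2.10" port(514)); };
```

Because the file path is built from $HOST, the options block makes the server derive that value from the connection's source address; a hostname taken from the message body is controlled by the sender.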
Examples
There are a number of situations in which upgrading to Syslog-NG is beneficial:
- a data-centre that houses numerous network devices all capable of sending Syslog event notifications;
- a medium-to-large organisation that has a wide-spread presence in different locations;
- fault detection of unmanned systems.
They all run along similar lines and many medium and larger organisations may benefit from utilising Syslog-NG somewhere on the corporate network.