This is actually what i do now, but we are moving away from syslog-ng to splunk, basically for the ease of searching and report generation, especially for the lower tiered noc techs, so in splunk you can create multiple "virtual" instances, so what we wanted to do was separate say customer logging to its own port, sec logs to its own port and associated with the splunk instance configured to accept syslog messages on port x/y/z etc.
Otherwise, I agree, syslog-ng can be very good if configured correctly and extensively Christian On Wed, Sep 10, 2008 at 1:45 PM, Rick Coloccia <[EMAIL PROTECTED]> wrote: > Interesting approach. I installed syslog-ng on my syslog server (CentOS > 5.2) and am filtering very extensively based on source host and pattern > matching inside the trap. I have lots of different files in place now based > on what cisco device created the trap and what the message in the trap is. > But they are all the same facility. You might find that a lot more useful. > Take a look at syslog-ng, and don't let it overwhelm you - it's not as bad > as it looks to set up. Assuming a linux box, you can leave your existing > syslog in place, and just add this to a system to receive syslogs from over > the network. Very, very configurable. > > -Rick > > Christian Koch wrote: >> >> I know i can set the remote syslog port on ASA/PIX's, but i don't seem >> to see that it is possible in IOS. >> >> I wanted to segregate logs by sending them from certain devices to >> separate syslog ports >> >> Can anyone confirm this behavior? >> >> Has anyone had the need to do something similar? >> >> Thanks >> >> >> Christian >> _______________________________________________ >> cisco-nsp mailing list cisco-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ >> > > -- > Rick Coloccia, Jr. > Network Manager > State University of NY College at Geneseo > 1 College Circle, 119 South Hall > Geneseo, NY 14454 > V: 585-245-5577 > F: 585-245-5579 > > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/