Hello rsysloggers,
My loghost in the past 8 years was a FreeBSD box with a modified syslogd,
writing up to 3 mill. events per day into a PostgreSQL db, using transactions
(all events, delivered in 5 seconds) and doing a new PQprepare every 1000
transactions (to get a new plan from updated statistics):
https://www.chaos1.de/svn-public/repos/admin-tools/syslog2pg/trunk/syslogd/syslogd-DBL.patch
This worked for me, but suffered on well known weak points of traditional
syslog (missing reliability etc.).
Besides the event-table, my schema uses a table for hosts (clients sending
stuff to the loghost).
After looking to rsyslog project periodically, I see now all my requirements
available in rsyslog:
- reliable delivery over tcp with spooling to disk during outage
- buffering of surges of firewall events at client
- configurable source address for multi-homed clients
- plugin structure to interface my db backend
Currently I'm trying to install rsyslog on my client boxes.
While the FreeBSD ports system is quite recent with 7.2.4, I'm stucked with
OpenBSD which is at 4.6.4 and I'm not very familiar with that ports system.
There was a thread in this list
http://openbsd.7691.n7.nabble.com/update-sysutils-rsyslog-6-2-0-td149278.html
last September which included patches to bring the port to 6.2.0. However I
have problems to apply them and to bring them to the current OpenBSD 5.2-REL. I
have also problems with libee, which is behind.
Any hints or pointers greatyl appreciated!
Thanks, Axel
---
PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
