Re: syslog-ng
On Thu, Nov 21, 2002 at 01:21:03PM +0100, jernej horvat wrote:
> On Thursday 21 November 2002 13:08, Craig Sanders wrote:
>
> > IIRC, the last time i looked at syslog-ng, it had no ability to write
> > log files asynchronously which made it unsuitable for use on heavy-load
> > servers - e.g. medium to large ISP mail servers.
>
> options {.. sync(0);...};
cool, it has changed since i last looked at it.
might be worth another look now.
craig
--
craig sanders <[EMAIL PROTECTED]>
Fabricati Diem, PVNC.
-- motto of the Ankh-Morpork City Watch
Re: syslog-ng
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 November 2002 13:08, Craig Sanders wrote:
> IIRC, the last time i looked at syslog-ng, it had no ability to write
> log files asynchronously which made it unsuitable for use on heavy-load
> servers - e.g. medium to large ISP mail servers.
options {.. sync(0);...};
- --
"We should not be trying to use technical solutions
to solve a social problem."
[Thomas R. Stephenson ("about SPAM" - Pegasus list 16.12.1999)]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE93M+vEyTmlrVpUvwRAm5wAJ0e1MFZNmjV10tDeq04n4Cs4pnFJgCghDEs
ecHvUnbHPq9BqCY9mEMPn74=
=Q1WX
-END PGP SIGNATURE-
Re: syslog-ng
On Thu, Nov 21, 2002 at 12:27:43PM +0100, jernej horvat wrote: > On Thursday 21 November 2002 02:38, Russell Coker wrote: > > > Does multilog allow filtering log messages to determine which ones are > > worth logging to disk? That's the only feature that I'd like to see in > > syslog. > > Then you might try http://www.balabit.hu/en/downloads/syslog-ng/ IIRC, the last time i looked at syslog-ng, it had no ability to write log files asynchronously which made it unsuitable for use on heavy-load servers - e.g. medium to large ISP mail servers. apart from that, it's a pretty good program. very flexible & configurable. fine for smallish servers. there are other alternatives to syslog too, including a new one called metalog which i haven't had time to look at yet (so i have no idea if it's any good or not - the description sounds good). Package: metalog Priority: optional Section: admin Installed-Size: 124 Maintainer: Sebastien J. Gross <[EMAIL PROTECTED]> Architecture: i386 Version: 0.7beta-1 Replaces: syslogd, sysklogd Provides: syslogd, system-log-daemon, klogd, linux-kernel-log-daemon Depends: libc6 (>= 2.2.5-13), libpcre3 Conflicts: syslogd, sysklogd Filename: pool/main/m/metalog/metalog_0.7beta-1_i386.deb Size: 19682 MD5sum: 077c0e023ee2c582412470a88d9c6728 Description: Modern logging daemon Metalog is a modern replacement for syslogd and klogd. The logged messages can be dispatched according to their facility, urgency, program name and/or Perl-compatible regular expressions. Log files can be automatically rotated when they exceed a certain size or age. External shell scripts (e.g., mail) can be launched when specific patterns are found. Metalog is easier to configure than syslogd and syslog-ng, accepts unlimited number of rules and has (switchable) memory bufferization for maximal performance. craig -- craig sanders <[EMAIL PROTECTED]> Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch
Re: syslog-ng
On Thu, Nov 21, 2002 at 01:21:03PM +0100, jernej horvat wrote:
> On Thursday 21 November 2002 13:08, Craig Sanders wrote:
>
> > IIRC, the last time i looked at syslog-ng, it had no ability to write
> > log files asynchronously which made it unsuitable for use on heavy-load
> > servers - e.g. medium to large ISP mail servers.
>
> options {.. sync(0);...};
cool, it has changed since i last looked at it.
might be worth another look now.
craig
--
craig sanders <[EMAIL PROTECTED]>
Fabricati Diem, PVNC.
-- motto of the Ankh-Morpork City Watch
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
syslog-ng
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 November 2002 02:38, Russell Coker wrote:
> Does multilog allow filtering log messages to determine which ones are
> worth logging to disk? That's the only feature that I'd like to see in
> syslog.
Then you might try http://www.balabit.hu/en/downloads/syslog-ng/
"The original syslogd allows messages only to be sorted based on
priority/facility pairs; syslog-ng adds the possibility to filter based on
message contents using regular expressions. The new configuration scheme is
intuitive and powerful. Forwarding logs over TCP and remembering all
forwarding hops makes it ideal for firewalled environments."
What i like most is:
...
file("/var/log/remotelogs/$HOST/$PROGRAM/$YEAR_$MONTH" create_dirs(yes));
It makes logging and managing easier.
- --
"We should not be trying to use technical solutions
to solve a social problem."
[Thomas R. Stephenson ("about SPAM" - Pegasus list 16.12.1999)]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE93MMvEyTmlrVpUvwRAj/TAKCTg7OFduoW6bI/1zVmYDo5QL6D0gCaAgIU
j3S4DGn6LMzuHemJ+TnM9l8=
=kJIr
-END PGP SIGNATURE-
Re: syslog-ng
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 November 2002 13:08, Craig Sanders wrote:
> IIRC, the last time i looked at syslog-ng, it had no ability to write
> log files asynchronously which made it unsuitable for use on heavy-load
> servers - e.g. medium to large ISP mail servers.
options {.. sync(0);...};
- --
"We should not be trying to use technical solutions
to solve a social problem."
[Thomas R. Stephenson ("about SPAM" - Pegasus list 16.12.1999)]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE93M+vEyTmlrVpUvwRAm5wAJ0e1MFZNmjV10tDeq04n4Cs4pnFJgCghDEs
ecHvUnbHPq9BqCY9mEMPn74=
=Q1WX
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: syslog-ng
On Thu, Nov 21, 2002 at 12:27:43PM +0100, jernej horvat wrote: > On Thursday 21 November 2002 02:38, Russell Coker wrote: > > > Does multilog allow filtering log messages to determine which ones are > > worth logging to disk? That's the only feature that I'd like to see in > > syslog. > > Then you might try http://www.balabit.hu/en/downloads/syslog-ng/ IIRC, the last time i looked at syslog-ng, it had no ability to write log files asynchronously which made it unsuitable for use on heavy-load servers - e.g. medium to large ISP mail servers. apart from that, it's a pretty good program. very flexible & configurable. fine for smallish servers. there are other alternatives to syslog too, including a new one called metalog which i haven't had time to look at yet (so i have no idea if it's any good or not - the description sounds good). Package: metalog Priority: optional Section: admin Installed-Size: 124 Maintainer: Sebastien J. Gross <[EMAIL PROTECTED]> Architecture: i386 Version: 0.7beta-1 Replaces: syslogd, sysklogd Provides: syslogd, system-log-daemon, klogd, linux-kernel-log-daemon Depends: libc6 (>= 2.2.5-13), libpcre3 Conflicts: syslogd, sysklogd Filename: pool/main/m/metalog/metalog_0.7beta-1_i386.deb Size: 19682 MD5sum: 077c0e023ee2c582412470a88d9c6728 Description: Modern logging daemon Metalog is a modern replacement for syslogd and klogd. The logged messages can be dispatched according to their facility, urgency, program name and/or Perl-compatible regular expressions. Log files can be automatically rotated when they exceed a certain size or age. External shell scripts (e.g., mail) can be launched when specific patterns are found. Metalog is easier to configure than syslogd and syslog-ng, accepts unlimited number of rules and has (switchable) memory bufferization for maximal performance. craig -- craig sanders <[EMAIL PROTECTED]> Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
syslog-ng
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 21 November 2002 02:38, Russell Coker wrote:
> Does multilog allow filtering log messages to determine which ones are
> worth logging to disk? That's the only feature that I'd like to see in
> syslog.
Then you might try http://www.balabit.hu/en/downloads/syslog-ng/
"The original syslogd allows messages only to be sorted based on
priority/facility pairs; syslog-ng adds the possibility to filter based on
message contents using regular expressions. The new configuration scheme is
intuitive and powerful. Forwarding logs over TCP and remembering all
forwarding hops makes it ideal for firewalled environments."
What i like most is:
...
file("/var/log/remotelogs/$HOST/$PROGRAM/$YEAR_$MONTH" create_dirs(yes));
It makes logging and managing easier.
- --
"We should not be trying to use technical solutions
to solve a social problem."
[Thomas R. Stephenson ("about SPAM" - Pegasus list 16.12.1999)]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE93MMvEyTmlrVpUvwRAj/TAKCTg7OFduoW6bI/1zVmYDo5QL6D0gCaAgIU
j3S4DGn6LMzuHemJ+TnM9l8=
=kJIr
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
