LinuxQuestions.org
12-11-2010, 03:40 AM   #1
burak
Best Open Source Syslog Server


Hello,
I am looking for an open source syslog server which accumulates each and every log of Windows, Solaris, Linux and network devices. Currently I am using Syslog-ng, which is not fulfilling my requirement on Windows clients, as I need the logs of every action which the user performed after logon.

Syslog-ng is very good for network devices.
 
12-11-2010, 05:39 AM   #2
wpeckham
syslog

"every action" ???

That is not really what syslog is for. Syslog records the messages sent by systems when triggered by events. It records events for diagnostics, not every action. Overall using a syslog server is wise, but trying to log every action is probably not wise: for one thing you will fill up disks very rapidly.

Not saying you cannot do that, just that you probably should not and that syslog may not be the right tool for that job.

Now if you only want to echo the event log to a syslog server, check out this link for some ideas.
http://troy.jdmz.net/syslogwin/

After you consider that, check out http://aplawrence.com/Reviews/NTSyslog.html for another solution.

See, the problem here is that MS (in their infinite wisdom) chooses to NOT use anyone else's standard solutions until the market forces the issue. (Remember how long it took them to decide it was OK for Windows to do native TCP/IP? I do.) Up to Win2k at least (I stopped checking after that) no Windows product natively spoke syslog. You have to run something that can YANK the log entries out, or add software to Windows to make it play well in polite society.

Best of luck!
 
12-13-2010, 10:36 AM   #3
wpeckham
PostScript

Please forgive me, I added some useful information but neglected to address the original question.

Every major Linux, *BSD, and Unix distribution comes with and uses syslogd. While there are other 'syslog' server tools out there you cannot really get anything better than the GNU syslogd server itself.

You will need to research how to configure it to respond to all of the servers on your network without opening it up to external or unauthorized servers, but that is not difficult.
Note that syslogd does NOT go out and GET log entries; the syslog native to the remote servers must be configured to SEND messages to the syslog server, and it must be configured to ACCEPT those messages.

Once you have set one or two up it all makes sense and seems almost intuitive: it is not and takes some study the first time or two.

Last edited by wpeckham; 12-13-2010 at 10:37 AM. Reason: spelling corrections
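
The push model and the "accept only from your own servers" point in the last post, as an added example that is not part of the thread and is not syslogd's own code: a minimal UDP collector in Python that drops datagrams from senders outside an allow-list and decodes the `<PRI>` prefix each client sends. The network ranges and the function names (`is_authorized`, `handle_datagram`, `serve`) are assumptions made for illustration.

```python
"""Added example: accept syslog datagrams only from authorized senders."""
import ipaddress
import re
import socket

# Assumption: the networks your own servers and devices live on (constructed values).
ALLOWED = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/24", "192.168.10.0/24", "127.0.0.1/32")]

# Facility and severity names in the numeric order used by the syslog PRI value.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock"]
FACILITIES += ["local%d" % i for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

PRI_RE = re.compile(rb"^<(\d{1,3})>")


def is_authorized(src_ip, allowed=ALLOWED):
    """True when the sender address falls inside one of the allowed networks."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in allowed)


def handle_datagram(data, src_ip, allowed=ALLOWED):
    """Return a parsed record, or None when the sender or the framing is rejected."""
    if not is_authorized(src_ip, allowed):
        return None                      # not one of our hosts: drop silently
    m = PRI_RE.match(data)
    if not m or int(m.group(1)) > 191:   # PRI = facility * 8 + severity, max 23*8+7
        return None
    pri = int(m.group(1))
    return {"host": src_ip,
            "facility": FACILITIES[pri >> 3],
            "severity": SEVERITIES[pri & 7],
            "message": data[m.end():].decode("utf-8", "replace").rstrip("\n")}


def serve(bind="0.0.0.0", port=514):
    """Listen on the standard syslog UDP port; clients must be set up to send here."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind, port))
    while True:
        data, (src_ip, _port) = sock.recvfrom(8192)
        rec = handle_datagram(data, src_ip)
        if rec:
            print("{host} {facility}.{severity} {message}".format(**rec))


if __name__ == "__main__":
    serve()
```

UDP source addresses can be forged, so a check like this belongs alongside a firewall rule that limits who can reach the collector's port, not in place of one.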