Journald is excellent. The binary storage format is a huge leap forward.

Andrew

On Tuesday, June 7, 2016, Grant Ridder <shortdudey...@gmail.com> wrote:

> +1 for ELKK (with kafka)
> Doing several hundred GB of log per day with a dozen instances on AWS (ES
> cluster + logstash hosts + kafka cluster)
>
> -Grant
>
> On Mon, Jun 6, 2016 at 11:25 PM, <valdis.kletni...@vt.edu> wrote:
>
> > On Mon, 06 Jun 2016 14:59:51 -0600, Maximino Velazquez said:
> > > What is the best syslog server (opensource)?
> >
> > Step 0: Define what "best" means in your environment.
> >
> > What features do you need? Routing to a central aggregation server over TLS?
> > Powerful regex-based routing? Ingestion into a database (a la splunk or Elk)
> > for data mining? Ability to deal with insanely high message rates? Other
> > must-have or don't-care features? License pricing? Vendor support?
> >
> > Step 1: After figuring out what you need, make a matrix of the available
> > options and how well they fit.
> >
> > (We have in production syslog-ng, rsyslog, splunk, Elk, and probably a few
> > others I've forgotten, for different purposes....)