[afnog] Central Logging on Debian
Andy Davidson
andy at nosignal.org
Fri Jul 9 17:47:33 UTC 2010
On 8 Jul 2010, at 13:55, Phil Regnauld wrote:
> Andy Davidson (andy) writes:
>>
>> Splunk is designed to make archiving/searching your logs a simple job.
>> The project is open-source, but backed by a commercial company.
> Where do you see that the product is open source?
> There is a Free edition, which is binary only, is limited
> to 500 MB / day, and with a restricted feature set.
I misremembered the situation; I thought the free version was OS (was it previously?)
> It does look interesting, but I would definitely start by
> looking at rsyslog/syslog-ng, and then move to a commercial
> solution once the basics are understood and one has a good
> idea of the feature set required.
Splunk builds on rsyslog/syslog-ng (at least on your sending servers) to give you a searchable archive of logs. It doesn't replace the need for this remote syslog software.
Best wishes
Andy