Syslog-ng Log centrally manage service deployment records under Linux

Tag: Host and priority definition establish record collection kernel www.

Syslog is the default log daemon for Linux systems, and the default syslog configuration file is the/etc/syslog.conf file. The syslog daemon is configurable, which allows people to specify exactly a place of storage for each type of system information. Compared to syslog,Syslog-ng has many advanced features: better network support, more convenient configuration, centralized network log storage, and more flexibility . For example, when using SYSLOGD, all iptables logs are stored in the Kern.log file along with other kernel logs. Syslog-ng allows you to selectively separate iptables portions into additional log files. SYSLOGD can only use the UDP protocol, SYSLOG-NG can use UDP and TCP protocols. So we can transfer logs to a centralized log server in an encrypted network tunnel.

One of the design principles of syslog-ng is to build better message filtering granularity . Syslog-ng is capable of filtering based on content and priority/facility. Another design principle is more easily to the different firewall network segment information forwarding, it supports the host chain, even if the log message after a lot of computer forwarding, can also find the original host address and the entire forwarding chain. A final design principle is to make the configuration file as powerful and concise as possible. As an alternative to syslog, Syslog-ng is a complete replacement for syslog services, and provides better filtering by defining rules. Prior to the introduction of Linux under the Rsyslog Log Collection service environment deployment record, below is a brief introduction to the following Syslog-ng log centralized Management Service deployment records:

Syslog-ng Log centrally manage service deployment records under Linux