Re: rsyslog host

Author: James Mcphee
Date:  
To: Main PLUG discussion list
Subject: Re: rsyslog host
https://github.com/balabit/syslog-ng

Though I've also switched to rsyslog. There have been too many fiddly bits
when using the advanced functions of syslog-ng for me to trust it.

On Fri, Dec 14, 2018 at 8:54 AM Snyder, Alexander J <> wrote:

> They must be using a fork or something. In a recent meeting it was brought
> up that their software base hasn't been updated since 2007. I'll definitely
> dive deeper in to that! Thanks!
>
> Thanks,
> Alexander.
>
> Sent from my Samsung Galaxy S8+
>
> On Fri, Dec 14, 2018, 07:08 < wrote:
>
>> Are you sure syslog-ng is not updated in years ? Latest release is 3.19.1
>> released 23 hours ago. Wonder if I am mistaken.
>>
>> Get Outlook for Android <https://aka.ms/ghei36>
>>
>> On Fri, Dec 14, 2018 at 6:42 AM -0700, "Snyder, Alexander J" <> wrote:
>>
>>> We're currently using syslog-ng and are moving away from it as the
>>> project hasn't been updated in years (obscurity is not security). We're
>>> collecting with rsyslog and sending to Splunk for search and visualization.
>>>
>>> Right now we're only testing with rsyslog and only have it configured on
>>> a single host. We're building out a new DC and are going to setup rsyslog
>>> as primary.
>>>
>>> I'm going to ask our ITSEC about the data points we're collecting and
>>> I'll let the group know what I find.
>>>
>>> Thanks,
>>> Alexander.
>>>
>>> Sent from my Samsung Galaxy S8+
>>>
>>> On Dec 12, 2018 20:56, "Amit Nepal" <> wrote:
>>>
>>> I suggest looking into syslog-ng for a centralized log server. Clients can
>>> use rsyslog for Unix and nxlog for Windows. Syslog-ng is scalable, high
>>> speed and provides a lot of features for parsing, alerting, correlating,
>>> etc. You can use syslog-ng for central log collection, send it to
>>> Elasticsearch, analyze with Kibana and visualize with Grafana. I have been
>>> using all this on a VM with 4G of RAM and 2 cores of vCPU and it seems to be
>>> working okay. 15 servers including web and mail servers are sending logs to
>>> the log server. Additionally, I am also using Wazuh for alerting and
>>> sending data to Elasticsearch as well. I believe the resource
>>> requirement will depend on the EPS rather than the number of hosts.
>>>
>>> Thank You !
>>>
>>> Amit K Nepal
>>> (OSCP, CISM, CISSP, RHCE, CCENT, C|EH, C|HFI, GIAC ISO 27000 Specialist)
>>>
>>>
>>> On 12/12/2018 2:09 PM, Snyder, Alexander J wrote:
>>>
>>> Looking for suggestions on what kind of physical resources would be
>>> suggested for building a central logging server for an enterprise company.
>>>
>>> rsyslog is new for the company, so we're looking to "do it right" from
>>> the ground up.
>>>
>>> How many hosts should be needed to log networking and storage appliances?
>>>
>>> Advice on memory, CPU, and disk are requested. Will be running CentOS7.
>>>
>>> Thanks,
>>> Alexander.
>>>
>>> Sent from my Samsung Galaxy S8+
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list -
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
--
James McPhee