> How about bringing it in as an alternate? For example, there 5-6 different mail > programs, 3 smpt deamons, at least 2 http deamons, and a couple news deamons > already in the distribution. The people that want to try out the new daemon can > do so and if they don't get hacked, other people might try it too. I'd vote for > making it available, but not the default. > > But let's also consider this. According to freshmeat, it was last updated in > March 2003. Is it being maintained? Or is it done? http://www.balabit.com/products/syslog_ng/upgrades.bbq last release was 15 days ago. > I would advocate moving slowly for security related items. Logging is a > cornerstone of security. Which is why I advocate bringing in syslog-ng, if not as a replacement at least as an option for a syslog daemon. syslog-ng supports regexs on logs, splitting on hostname, separate scripts per instance, tcp, alternate ports, stunnel wrapping of the whole daemon. it's head and shoulders above syslogd and I can personally say I've been running it on our central loghost for > 4 yrs now w/o a problem. -sv
