Hello list. We're planning on setting up centralized logging for our RHEL systems, and have to decide on applications to use for collecting logs and analyzing them. Most of our systems are running RHEL, so we're looking for software that is supported on this platform. The first issue would be to decide on which syslog implementation to use, and "syslog-ng" seems to be very popular. Will this be included in EPEL or such in near future? Are there better options than syslog-ng? After collecting the syslog data, we'll need to analyze them. Swatch and SEC are two options, as well as logwatch. The latter doesn't monitor in real time, so I guess this one is out of the picture. Feedback on Swatch and SEC, as well as other good options, is appreciated. Lastly, we'll have to decide on how to set up the architecture, such as relay architecture or single central loghost. Does anyone know of good documentation that discusses this issue? Regards, Kenneth Holter -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
