I though I'd give swatch a try, but can't seem to find it in the repository. Does swatch exist in any official RHEL 5.x repos? On 1/14/09, De Vries, Timothy <Timothy.DeVries@xxxxxxx> wrote: > > Hi, > > Rsyslog is an option and is included in RHEL 5.2 as an RPM. I like it > because it allows you to post the priority.facility (PRI) values in the > syslog messages which make it easier to filter for 'interesting' messages > via a centralized server running swatch. Syslog-ng may also do this but > I've not used it. > > Thanks, > Tim > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx]On Behalf Of Kenneth Holter > Sent: Wednesday, January 14, 2009 9:42 AM > To: redhat-list@xxxxxxxxxx > Subject: Setting up centralized logging > > > Hello list. > > > We're planning on setting up centralized logging for our RHEL systems, and > have to decide on applications to use for collecting logs and analyzing > them. > Most of our systems are running RHEL, so we're looking for software that is > supported on this platform. > > The first issue would be to decide on which syslog implementation to use, > and "syslog-ng" seems to be very popular. Will this be included in EPEL or > such in near future? > Are there better options than syslog-ng? > > After collecting the syslog data, we'll need to analyze them. Swatch and > SEC > are two options, as well as logwatch. The latter doesn't monitor in real > time, so I guess this one is out of the picture. Feedback on Swatch and > SEC, > as well as other good options, is appreciated. > > Lastly, we'll have to decide on how to set up the architecture, such as > relay architecture or single central loghost. Does anyone know of good > documentation that discusses this issue? > > > Regards, > Kenneth Holter > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > > > This e-mail and any attachments may contain > confidential and privileged information. If you are > not the intended recipient, please notify the sender > immediately by return e-mail, delete this e-mail > and destroy any copies. Any dissemination or use > of this information by a person other than the > intended recipient is unauthorized and may be > illegal. Unless otherwise stated, opinions expressed > in this e-mail are those of the author and are not > endorsed by the author's employer. > > Le présent message, ainsi que tout fichier qui y est > joint, est envoyé à l'intention exclusive de son ou > de ses destinataires; il est de nature confidentielle > et peut constituer une information privilégiée. Nous > avertissons toute personne autre que le destinataire > prévu que tout examen, réacheminement, impression, copie, > distribution ou autre utilisation de ce message et de > tout fichier qui y est joint est strictement interdit. > Si vous n'êtes pas le destinataire prévu, veuillez en > aviser immédiatement l'expéditeur par retour de courriel > et supprimer ce message et tout document joint de votre système. > Sauf indication contraire, les opinions exprimées dans le présent > message sont celles de l'auteur et ne sont pas avalisées par > l'employeur de l'auteur. > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subjecthttps://www.redhat.com/mailman/listinfo/redhat-list
