Synchronous logging means syslogd will write the incidents to the logfiles as soon as they occur (synchronous to the incidents). Asynchronous means that syslogd keeps a buffer of loggong items before writing them to file in a bunch. This reduces disk usage a lot on busy systems, but may result in missing log entries after a crash.
Thanks, Martin. As a related question: I log everything that's in syslog.conf to another machine over the network. However, I have also noticed that the log messages being written to disk is not allowing the firewall's disk to spin down for long... every few minutes it has to spin up again.
Do you see a major downside or risk to _only_ logging over the network to the remote syslog server? I'm thinking this could allow me to promote more aggressive power conservation for the firewall and a couple of other small servers.
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx
-- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
