sysklogd-to-rsyslog
Differences between revisions 1 and 2
⇤ ← Revision 1 as of 2008-11-26 09:09:48
3372
Comment:
|
← Revision 2 as of 2009-01-22 16:07:05 ⇥
3374
typos
|
Deletions are marked like this. | Additions are marked like this. |
Line 26: | Line 26: |
* Other distro have already made this choice: | * Other distros have already made this choice: |
Line 28: | Line 28: |
* Debian has made the [[http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/c26b7f36b4f54caa/7a18c76338e9fdc6?lnk=gst&q=rsyslog+sysklogd#7a18c76338e9fdc6|same choice in leny]]. | * Debian has made the [[http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/c26b7f36b4f54caa/7a18c76338e9fdc6?lnk=gst&q=rsyslog+sysklogd#7a18c76338e9fdc6|same choice in lenny]]. |
Launchpad Entry: sysklogd-to-rsyslog
Created: NickBarcet
Contributors:
Packages affected: sysklogd, ryslog
Summary
Should rsyslog replace sysklogd in main and as default for new installation?
Release Note
Rsyslog now replaces sysklogd on new installations in ubuntu.
Rationale
- Corporate usage of of centralized logging often requires:
- Guaranteed delivery of event: events should not be lost because of some TCP/UDP failure. Sysklogd does not provide this.
- Secured delivery of events: events can contain sensitive information so should be encrypted when sent over the network, sysklogd does not provide this.
- Event analysis framework: Central syslog server should be able to send email alerts on some conditions, sysklogd does not support this
- Database backend: in order to perform rapid searches, a database backend is crucial
- sysklogd Upstream seems weak, if not dead
- Other distros have already made this choice:
Fedora has led the way of distributions in this sense and was the first to do the switch to rsyslog.
Debian has made the same choice in lenny.
Use Cases
- Clara needs a central syslog server that does not lose events to be compliant with industry policies
- Edward is afraid that events sent to his central syslog server may be sniffed and disclose confidential company information
- Ray needs to audit events occurring in his company and craves for indexes searches to do so
Assumptions
Design
Implementation
UI Changes
Code Changes
Migration
Test/Demo Plan
Unresolved issues
BoF agenda and discussion
sysklogd-to-rsyslog (last edited 2009-01-22 16:07:05 by 82-69-40-219)