Is there a strict requirement for this to be an appliance? I've had very good results with relatively low powered linux machines; simply load them up with disk, install as small and locked down a system as you can get away with (and there are lots of options for this), configure syslog and the network, run sshd on it and automate an scp to get the logs off it, and viola, syslog appliance. This also gives you the opportunity to expand it to take on other tasks, or be more selective about who can log to it (via iptables, etc), run automatic summary generators, and so forth. In my experience, about the only things an appliance device gets you is whatever the vendor things is a cool GUI, and perhaps some automation (on things like virus/spam walls). Hope this helps! Malcolm On Sat, 2004-07-03 at 04:18, Mike Blomgren wrote: > Hi, > > I'm looking for a syslog appliance and wonder if anyone on this list has any > experience from them. > > What I'm looking for is basically a simple appliance to receive syslogs over > a network from various devices. Place the appliance on the network, > configure the devices to log to the appliance, and retrieve the logs from > the appliance with a web-gui, or automated ftp/https etc. Just a simple > syslog-server, with plenty of disk. > > Any experience or products suggestions would be very interesting to hear > about. > > TIA, > > ~Mike > > > > > ------------------------- > Mike Blomgren > +46 (0)709 - 150 723 > mike.blomgren@private > www.secode.com > ------------------------- > > > _______________________________________________ > LogAnalysis mailing list > LogAnalysis@private > http://lists.shmoo.com/mailman/listinfo/loganalysis _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2.1.3 : Wed Jul 07 2004 - 14:23:57 PDT