[nsp] Syslog best practices.
Robert A. Hayden
rhayden at geek.net
Fri Jan 24 12:34:31 EST 2003
Ditto.
We use syslog-ng to break up logs copied into multiple locations. We end
up with a file based on device IP, the same info in a file based on device
type, and one giant unified everything log.
On Fri, 24 Jan 2003, John Wong, Kok Seng wrote:
> Use syslog-ng. It can parse regex based on host IP, etc..
> so u can split the logs to different files. I'm using it
> to capture all the syslogs of my switches & routers.
>
> Hope it helps.
>
>
> > -----Original Message-----
> > From: James Kilton [mailto:kilton9 at yahoo.com]
> > Sent: Friday, January 24, 2003 11:23 PM
> > To: cisco-nsp at puck.nether.net
> > Subject: [nsp] Syslog best practices.
> >
> >
> > I'm preparing to deploy a few Syslog servers to
> > receive logs from our Cisco devices, and I'm wondering
> > how people typically handle having only 8 Syslog
> > facilities to use per server when there are more than
> > 8 Cisco devices on the network. Do you just have all
> > Cisco devices write to the same file? Do you split it
> > up randomly? Or maybe have 1 file per criticality
> > level?
> >
> > Any advice would be appreciated.
> >
> > __________________________________________________
> > Do you Yahoo!?
> > Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> > http://mailplus.yahoo.com
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
>
More information about the cisco-nsp
mailing list