[ale] [Fwd: Advertising on ale.org] - OT MS vs Apple vs Linux/UNIX

Chris Fowler cfowler at outpostsentinel.com
Fri Sep 11 13:01:17 EDT 2015


> From: "Alex Carver" <agcarver+ale at acarver.net>
> To: ale at ale.org
> Sent: Friday, September 11, 2015 12:39:28 PM
> Subject: Re: [ale] [Fwd: Advertising on ale.org] - OT MS vs Apple vs Linux/UNIX

> 1. Keep nothing locally (Storage=none) and run a second daemon
> (rsyslogd, syslog-ng) alongside journald to process everything as I do

I think syslog-ng is one of the best logging solutions. On my device I've used rsyslogd and the syslog in Busybox. For the past 5 years I've been using syslog-ng.

Once I really learned how to configure it, I modified my daemons that were logging to their own files to then log to syslog-ng. I then used regex in the config to duplicate those syslog messages to specific files for each daemon. This allows me to quickly see what is going on in the software while maintaining syslog compatibility.

syslog-ng also routes inbound messages (from remote devices) by source IP. Those are stored in their own files as well. Software watches those messages and can look for 100s of regex matches on that stream. Any match creates a trouble ticket and deploys a technician to the location.
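
A sketch of the kind of syslog-ng configuration described above, added as an illustration; it is not part of the original post and not the poster's configuration. The daemon name `mydaemon`, the file paths, the UDP listener on port 514 and the `@version` value are all assumptions.

```conf
# Added example: all names, paths and the version line are assumed.
@version: 3.5    # set to the installed syslog-ng version

# Local messages, including those from daemons that now log via syslog.
source s_local { system(); internal(); };

# Inbound messages from remote devices (assumed: plain UDP syslog).
source s_net { udp(ip(0.0.0.0) port(514)); };

# Regex on the program name picks out one daemon's messages.
# "mydaemon" is a hypothetical daemon name.
filter f_mydaemon { program("^mydaemon$"); };

# Normal combined log, so standard syslog behaviour is preserved.
destination d_all { file("/var/log/messages"); };

# Per-daemon copy of the same messages.
destination d_mydaemon { file("/var/log/mydaemon.log"); };

# One file per sending device. ${SOURCEIP} is the address the message
# was received from; create_dirs(yes) creates the directory if missing.
destination d_remote {
    file("/var/log/remote/${SOURCEIP}.log" create_dirs(yes));
};

# Everything local goes to the combined log ...
log { source(s_local); destination(d_all); };

# ... and matching messages are duplicated to the daemon's own file.
log { source(s_local); filter(f_mydaemon); destination(d_mydaemon); };

# Remote messages are split by source IP for the watcher software to read.
log { source(s_net); destination(d_remote); };
```

Because neither log path carries the `final` flag, a message that matches the filter is written to both the combined log and the per-daemon file.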