Re: [fw-wiz] syslog and network management
- From: david@xxxxxxx
- Date: Fri, 22 Feb 2008 18:06:56 -0800 (PST)
On Fri, 22 Feb 2008, Brian Loe wrote:
On Thu, Feb 21, 2008 at 7:19 PM, <david@xxxxxxx> wrote:
if you end up doing much searching through your logs you can end up eating
a LOT more CPU then you imagine, especially as you correlate things and
end up searching for more related items at a time.
I've found that if you utilize, for instance, syslog-ng, you can split
up the log files based on whatever (device type, network, etc.).
Searching those smaller files is a lot less CPU intensive.
true, but I found that syslog-ng was far less effective at the more
important job of receiving syslog messages from the wire and writing them
to disk
David Lang
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- Follow-Ups:
- Re: [fw-wiz] syslog and network management
- From: Brian Loe
- Re: [fw-wiz] syslog and network management
- References:
- Re: [fw-wiz] syslog and network management
- From: Darden, Patrick S.
- Re: [fw-wiz] syslog and network management
- From: david
- Re: [fw-wiz] syslog and network management
- From: Brian Loe
- Re: [fw-wiz] syslog and network management
- Prev by Date: Re: [fw-wiz] Firewall Placement Question
- Next by Date: Re: [fw-wiz] syslog and network management
- Previous by thread: Re: [fw-wiz] syslog and network management
- Next by thread: Re: [fw-wiz] syslog and network management
- Index(es):
Relevant Pages
|
|
