Organizations using multiple analytic tools and storage solutions often use multiple log management tools. syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents on hosts, organizations can unify their log data collection and management.Request your free trial
Scaling to large networks with syslog-ng
Many times organizations with multiple log analysis tools, each with its own collection agent, will need to deploy multiple collection agents on the same host.
The volume, variety, and velocity of log data generated by large IT environments can overwhelm many lightweight log collection tools.
Multiple collection tools can create data silos which make sharing log data among multiple groups difficult.
Combining log management and analysis functions can prove to be expensive if the solution can’t deliver real value to multiple user groups.
Unstable collection agents that frequently crash can cause logs to go missing and cause headaches for IT operations.
Using a single solution for collection logs can eliminate the problems caused by deploying several agents on log source hosts. syslog-ng is technology independent, supporting well-established transport technologies.
Semi-structured data allows for reduction of complexity, normalization, enables larger data sets to be searched more easily. syslog-ng can filter, parse, re-write and classify data on clients at unparalleled speeds to reduce the size and complexity of log data stored centrally.
syslog-ng can collect and route logs in near real-time based on a virtually infinite number of rules based on source type, source address, and message content
syslog-ng Premium Edition and the syslog-ng Store Box can ensure zero message loss during transport from clients to the central logserver using TCP for transmission, the Reliable Log Transfer Protocol (RLTP™) for application acknowledgement, a client-side disk buffer, and client-side failover for network outages.
With more than one million users and dozens of books including instructions, syslog-ng does not require expensive professional services to deploy and maintain.
syslog-ng can send logs to multiple destinations in parallel to serve the needs of multiple departments or to integrate with multiple log analysis tools. Logs sent to these different destinations can be filtered, processed and formatted independently and transferred over a wide variety of protocols and methods. The syslog-ng Store Box offers a REST-based API to access log data.
syslog-ng Premium Edition and the syslog-ng Store Box use SSL/TLS encryption to transfer logs and the logstore, an encrypted, compressed and time-stamped log file to store data.
licenses for syslog-ng Premium Edition and syslog-ng Store Box are based on the number of hosts sending logs, not the amount of data being processed so increases in the rate or the total amount of your log data will not increase your costs.
Reducing the number of collection solutions makes log management deployments simpler and more stable reducing operations costs.
Many log analysis tools license their products based on the amount of data processed. Reducing the amount of data sent to log analysis tools can lower deployment costs.
Deploying syslog-ng as a single log collection and routing tool can eliminate the need for installing multiple collection tools and lengthy, costly integration projects completed by vendors’ professional services teams or external consultants.
Reducing the size and complexity of log data can dramatically improve search times.
Tell us a bit more about you and let us know how we can help.
Not ready to talk to an expert yet?