Compare rsyslog vs syslog-ng
rsyslogsyslog-ng
Mis à jour2013-03-20 17:56:582013-03-20 17:56:58
Site webhttp://www.rsyslog.comhttp://www.balabit.com/network-security/syslog-ng/
licenseGPLv3 (GPLv2 for v2 branch)LGPL
Input Sources
UNIX domain socketOuiOui
UDPOuiOui
TCPOuiOui
RELPOui
RFC 3195/BEEPOui (via im3195)Oui
kernel logOuiOui
fileOuiOui
mark message generator as an optional inputOui
Standard output (stdout) of an applicationOui
Named pipeOui
Handle multi-line messages like Apache Tomcat or Oracle log messagesNon
Windows Event LogOui a Windows event logging software such as EventReporter orMonitorWare Agent (both commercial software, both fund rsyslogdevelopment)- via separate agent only available at Personal Edition
Network (Protocol) Support
support for (plain) tcp based syslogOuiOui
support for GSS-APIOui
ability to limit the allowed network senders (syslog ACLs)Oui
support for syslog-transport-tls based framing on syslog/tcp connectionsOui
udp syslogOuiOui
syslog over RELPOui
truly reliable message delivery (Why is plain tcp syslog not reliable?)Oui
on the wire (zlib) message compressionOui- only when using TLS
support for receiving messages via reliable RFC 3195 deliveryOui
support for TLS/SSL-protected syslogOui (since 3.19.0)via stunnelOui
support for IETF's new syslog-protocol draftOuiOui
support for IETF's new syslog-transport-tls draftOui (since 3.19.0 - world's first implementation)Oui
support for IPv6OuiOui
native ability to send SNMP trapsOui- only in syslogng box appliance
ability to preserve the original hostname in NAT environments and relay chainsOuiOui
Message Filtering
Filtering for syslog facility and priorityOuiOui
Filtering for hostnameOuiOui
Filtering for applicationOuiOui
Filtering for message contentsOuiOui
Filtering for sending IP addressOuiOui
ability to filter on any other message field not mentioned above (including substrings and the like)OuiOui
support for complex filters, using full boolean algebra with and/or/not operators and parenthesisOuiOui
Support for reusable filters: specify a filter once and use it in multiple selector lines noOui
support for arbritrary complex arithmetic and string expressions inside filtersOuiOui
ability to use regular expressions in filtersOuiOui PRCE and POSIX
support for discarding messages based on filtersOuiOui
ability to filter out messages based on sequence of appearingOui (starting with 3.21.3)
powerful BSD-style hostname and program name blocks for easy multi-host supportOui
Supported Database Outputs
MySQLOui (native ommysql, omlibdbi)Oui
PostgreSQLOui (native ompgsql, omlibdbi)Oui
OracleOui (omlibdbi)Oui
SQLiteOui (omlibdbi)Oui
Microsoft SQL (Open TDS)Oui (omlibdbi)Oui
Sybase (Open TDS)Oui (omlibdbi)
Firebird/InterbaseOui (omlibdbi)
IngresOui (omlibdbi)
mSQLOui (omlibdbi)
Enterprise Features
support for on-demand on-disk spooling of messagesOui
ability to limit disk space used by spool filesOui
each action can use its own, independant set of spool filesOui
different sets of spool files can be placed on different diskOui
ability to process spooled messages only during a configured timeframe (e.g. only during off-peak hours, during peak hours they are enqueued only)Oui (can independently be configured for the main queue and each action queue)
ability to configure backup syslog/database serversOui
Professional SupportOui
Config File
config file formatcompatible to legacy syslogd but ugly
ability to include config file from within other config filesOuiOui
ability to include all config files existing in a specific directoryOui
Extensibility
Functionality split in separately loadable modulesOui
Support for third-party input pluginsOui
Support for third-party output pluginsOui
Other Features
ability to generate file names and directories (log targets) dynamicallyOuiOui
control of log output format, including ability to present channel and priority as visible log dataOuiOui
native ability to send mail messagesOui (ommail, introduced in 3.17.0)
good timestamp format control; at a minimum, ISO 8601/RFC 3339 second-resolution UTC zoneOuiOui microsecond time resolution, extended RFC3339, timezone information
ability to reformat message contents and work with substringsOuiOui
support for log files larger than 2gbOuiOui
support for log file size limitation and automatic rollover command executionOuiOui
support for running multiple syslogd instances on a single machineOui
ability to execute shell scripts on received messagesOui
ability to pipe messages to a continously running program
massively multi-threaded for tomorrow's multi-core machinesOuiOui
ability to control repeated line reduction ("last message repeated n times") on a per selector-line basisOui
supports multiple actions per selector/filter conditionOui
web interfacephpLogCon [also works with php-syslog-ng]
using text files as input sourceOuiOui
rate-limiting output actionsOuiOui
discard low-priority messages under system stressOui
flow control (slow down message reception when system is busy)Oui (advanced, multiple ways to slow down inputs depending on individual input capabilities, based on watermarks)Oui
rewriting messagesOuiOui
output data into various formatsOuiOui
ability to control "message repeated n times" generationOui
supported platforms Linux, BSD, anecdotical seen on Solaris; compilation and basic testing done on HP UXOui
DNS cacheOuiOui
Windows Event Log containers / log files (via separate agent application)
Latest version7.2.6 stable (March 2013)Open Source Edition (OSE) 3.4 (Feb 2013)
Inclure

Commentaires

Pas de commentaires pour l'instant. Soyez le premier à donner votre avis.

Laisser un commentaire

Créer des tableaux comparatifs ou listes sur tout !

C'est gratuit et rapide de créer des tableaux originaux

Créer un tableau