Compare syslog software
J'aime 1
Compare syslog software: rsyslog vs syslog-ng
Compare syslog software: rsyslog vs syslog-ng
Lien | rsyslog | syslog-ng |
---|---|---|
Mis à jour | 20 mar. 2013 17:56:58 | 20 mar. 2013 17:56:58 |
Site web | rsyslog.com | balabit.com/... |
license | GPLv3 (GPLv2 for v2 branch) | LGPL |
Input Sources | ||
UNIX domain socket | Oui | Oui |
UDP | Oui | Oui |
TCP | Oui | Oui |
RELP | Oui | |
RFC 3195/BEEP | Oui (via im3195) | Oui |
kernel log | Oui | Oui |
file | Oui | Oui |
mark message generator as an optional input | Oui | |
Standard output (stdout) of an application | Oui | |
Named pipe | Oui | |
Handle multi-line messages like Apache Tomcat or Oracle log messages | Non | |
Windows Event Log | Oui a Windows event logging software such as EventReporter orMonitorWare Agent (both commercial software, both fund rsyslogdevelopment) | - via separate agent only available at Personal Edition |
Network (Protocol) Support | ||
support for (plain) tcp based syslog | Oui | Oui |
support for GSS-API | Oui | |
ability to limit the allowed network senders (syslog ACLs) | Oui | |
support for syslog-transport-tls based framing on syslog/tcp connections | Oui | |
udp syslog | Oui | Oui |
syslog over RELP | Oui | |
truly reliable message delivery (Why is plain tcp syslog not reliable?) | Oui | |
on the wire (zlib) message compression | Oui | - only when using TLS |
support for receiving messages via reliable RFC 3195 delivery | Oui | |
support for TLS/SSL-protected syslog | Oui (since 3.19.0)via stunnel | Oui |
support for IETF's new syslog-protocol draft | Oui | Oui |
support for IETF's new syslog-transport-tls draft | Oui (since 3.19.0 - world's first implementation) | Oui |
support for IPv6 | Oui | Oui |
native ability to send SNMP traps | Oui | - only in syslogng box appliance |
ability to preserve the original hostname in NAT environments and relay chains | Oui | Oui |
Message Filtering | ||
Filtering for syslog facility and priority | Oui | Oui |
Filtering for hostname | Oui | Oui |
Filtering for application | Oui | Oui |
Filtering for message contents | Oui | Oui |
Filtering for sending IP address | Oui | Oui |
ability to filter on any other message field not mentioned above (including substrings and the like) | Oui | Oui |
support for complex filters, using full boolean algebra with and/or/not operators and parenthesis | Oui | Oui |
Support for reusable filters: specify a filter once and use it in multiple selector lines no | Oui | |
support for arbritrary complex arithmetic and string expressions inside filters | Oui | Oui |
ability to use regular expressions in filters | Oui | Oui PRCE and POSIX |
support for discarding messages based on filters | Oui | Oui |
ability to filter out messages based on sequence of appearing | Oui (starting with 3.21.3) | |
powerful BSD-style hostname and program name blocks for easy multi-host support | Oui | |
Supported Database Outputs | ||
MySQL | Oui (native ommysql, omlibdbi) | Oui |
PostgreSQL | Oui (native ompgsql, omlibdbi) | Oui |
Oracle | Oui (omlibdbi) | Oui |
SQLite | Oui (omlibdbi) | Oui |
Microsoft SQL (Open TDS) | Oui (omlibdbi) | Oui |
Sybase (Open TDS) | Oui (omlibdbi) | |
Firebird/Interbase | Oui (omlibdbi) | |
Ingres | Oui (omlibdbi) | |
mSQL | Oui (omlibdbi) | |
Enterprise Features | ||
support for on-demand on-disk spooling of messages | Oui | |
ability to limit disk space used by spool files | Oui | |
each action can use its own, independant set of spool files | Oui | |
different sets of spool files can be placed on different disk | Oui | |
ability to process spooled messages only during a configured timeframe (e.g. only during off-peak hours, during peak hours they are enqueued only) | Oui (can independently be configured for the main queue and each action queue) | |
ability to configure backup syslog/database servers | Oui | |
Professional Support | Oui | |
Config File | ||
config file format | compatible to legacy syslogd but ugly | |
ability to include config file from within other config files | Oui | Oui |
ability to include all config files existing in a specific directory | Oui | |
Extensibility | ||
Functionality split in separately loadable modules | Oui | |
Support for third-party input plugins | Oui | |
Support for third-party output plugins | Oui | |
Other Features | ||
ability to generate file names and directories (log targets) dynamically | Oui | Oui |
control of log output format, including ability to present channel and priority as visible log data | Oui | Oui |
native ability to send mail messages | Oui (ommail, introduced in 3.17.0) | |
good timestamp format control; at a minimum, ISO 8601/RFC 3339 second-resolution UTC zone | Oui | Oui microsecond time resolution, extended RFC3339, timezone information |
ability to reformat message contents and work with substrings | Oui | Oui |
support for log files larger than 2gb | Oui | Oui |
support for log file size limitation and automatic rollover command execution | Oui | Oui |
support for running multiple syslogd instances on a single machine | Oui | |
ability to execute shell scripts on received messages | Oui | |
ability to pipe messages to a continously running program | ||
massively multi-threaded for tomorrow's multi-core machines | Oui | Oui |
ability to control repeated line reduction ("last message repeated n times") on a per selector-line basis | Oui | |
supports multiple actions per selector/filter condition | Oui | |
web interface | phpLogCon [also works with php-syslog-ng] | |
using text files as input source | Oui | Oui |
rate-limiting output actions | Oui | Oui |
discard low-priority messages under system stress | Oui | |
flow control (slow down message reception when system is busy) | Oui (advanced, multiple ways to slow down inputs depending on individual input capabilities, based on watermarks) | Oui |
rewriting messages | Oui | Oui |
output data into various formats | Oui | Oui |
ability to control "message repeated n times" generation | Oui | |
supported platforms Linux, BSD, anecdotical seen on Solaris; compilation and basic testing done on HP UX | Oui | |
DNS cache | Oui | Oui |
Windows Event Log containers / log files (via separate agent application) | ||
Latest version | 7.2.6 stable (March 2013) | Open Source Edition (OSE) 3.4 (Feb 2013) |
Avis utilisateurs et commentaires