Bug 170663 - Would like to get syslog-ng to replace syslog in Fedora Core
Would like to get syslog-ng to replace syslog in Fedora Core
Product: Fedora
Classification: Fedora
Component: distribution (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
Bill Nottingham
Depends On:
  Show dependency treegraph
Reported: 2005-10-13 13:14 EDT by Stephen John Smoogen
Modified: 2014-03-16 22:56 EDT (History)
6 users (show)

See Also:
Fixed In Version: F8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-12-06 18:18:25 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Stephen John Smoogen 2005-10-13 13:14:10 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050921 Red Hat/1.0.7-1.4.1 Firefox/1.0.7

Description of problem:
One of the things we have to do at our sites is remove the Red
Hat/Fedora syslog services and replace them with syslog-ng. The TCP
part, the better message congestion issues, and the better ability to
group logging together is really needed by larger sites. [We have
found that the lossiness of regular syslog can get black marks on
reviews.] A long time ago, it was proposed for inclusion around Red
Hat Linux 6.0 but was considered too unstable and some other issues.

Could it be evaluated again for either for replacing the older syslog
system or working the syslog system so that alternatives could cover
it with syslog-ng in extras? What issues would need to be done to help
this along?

This is very useful for our various groups to meet US Government FISMA logging requirements. Trying to use syslog for more than 100 boxes causes too much data to be lost which means we are out of compliance.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
The loss of syslog data shows up when we have more than 50 or so boxes reporting to a syslog server. In trying to log all the new audit data to a central box we find we can lose data with less machines. Our requirements for a logging system is to be able to handle 255 or so machines logging audit to syslog-ng.

Additional info:
Comment 1 Jake Garver 2006-06-19 14:02:51 EDT
Is syslog-ng on the roadmap yet?  I'm considering replacing the standard syslog
with syslog-ng because:
1) I need reliable syslog (over TCP).
2) The standard syslog doesn't relay.  I want to bounce or proxy syslogs through
a centraly server point on their way to a management framework.  It simplifies
my network topology.

Also, the flexibility offered by syslog-ng is appreciated.
Comment 2 Rahul Sundaram 2006-07-19 21:04:12 EDT

It seems unlikely that syslog-ng would be added to Fedora Core based on the
comments in https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154974 (RHEL
report but arguments apply to FC too)

Some additional work on syslog is being done as per
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178855 which makes it
easier to optionally do what syslog-ng does.

I would leave the finally decision upto rel eng

Comment 3 Stephen John Smoogen 2006-07-20 10:52:00 EDT
Sigh, 178855 is closed to the public. 
Comment 4 Rahul Sundaram 2006-07-20 11:24:17 EDT

Ok, The second bugzilla reports says essentially the same things as the first one. 
Comment 5 Jason Tibbitts 2007-12-06 18:18:25 EST
Actually syslogd has been replaced by rsyslog in F8, but we also ship syslog-ng.
 The old syslog package is no longer shipped as far as I can see.

So I think this should probably have been closed some time ago.

Note You need to log in before you can comment on or make changes to this bug.