[logs] Cross-Platform Log Analysis and Microsoft
Mordechai T. Abzug
morty at frakir.org
Mon Jul 2 15:31:59 PDT 2007
On Mon, Jul 02, 2007 at 12:00:11AM -0400, David Corlette wrote:
> I have to disagree a bit here - I personally think syslog is pretty
> lame, and really should die as quickly as possible. It's based on
> an unreliable protocol, after all. And latter-day attempts to send
> it over SSL or whatever are, to my mind, a band-aid solution.
Syslog displays profound levels of suck. But if you come up with
something better *today*, and release it for free, and even pay other
vendors to start deploying it, we're going to need to keep on
supporting syslog for at least a decade. syslog and snmp-trap have
been the only "standard" remote logging protocols for a good number of
years. Lots of people will keep on running devices and apps that they
deploy today for a decade. Some people call old stuff "legacy," while
some people call old stuff "if it ain't broke, don't fix it."
- Morty
More information about the LogAnalysis
mailing list