[logs] Cross-Platform Log Analysis and Microsoft
Russell Fulton
r.fulton at auckland.ac.nz
Mon Jul 2 22:13:03 PDT 2007
Eric Fitzgerald wrote:
>
> Hi Marcus,
>
> I know that many, perhaps a majority, in this forum would like Microsoft
> to drop eventlog and just put a syslog agent in Windows.

Well I won't claim to speak for 'many' but I for one don't want MS to
"drop eventlog and just put a syslog agent in Windows". What I want is
for MS to add an option to eventlog to pass a configurable subset of the
data for each alert to a syslog server. Eventlog does much more than
Syslog and while most of us are not quite as rabid (have you had your
shots recently ;) as Marcus I think you would be hard pressed to find
anyone on this list who will admit to liking syslog.

As several others have pointed out syslog is the de facto standard and
is likely to remain so for some time -- many of us have large
installations dedicated to receiving and storing syslog records from
large numbers of machines. What I wish to do is to use our existing
infrastructure to provide the same services our UNIX folk take for
granted to our Windows admins.

It would be really nice if there was one standard way of doing this...

Russell