0 Replies Latest reply on Aug 27, 2016 12:18 AM by Regis

    Best way to keep up with a lot of new Linux syslog sources?

    Regis

      What features of ESM/Receiver are you using to keep up with a lot of new Linux servers being dropped into an environment?   What auto-learning options are available and useful without having so many downsides you don't want to use them?

       

      If the hosts can also send to a syslog server in addition to the receiver, is it better to use syslog relay options and  just monitor the syslog server?

       

      I sense there are several ways to do this, but curious what's working for various folks.