Seems like syslog-ng is the way to go, though also looking at OSSIM.
On Tue, Jun 14, 2011 at 5:08 PM, Michuki Mwangi
<michuki@swiftkenya.com> wrote:
On 6/14/11 4:27 PM, Odhiambo Washington wrote:
> Even the good old syslogd (native to most Unixes) can do the job too.
> What matters is what you want to do with the logs ultimately.
> Rather than run around, go with syslogNG and be happy.
>
+1 for syslog-NG - lots of customization that can be done with it. You
can for instance create different log files for the various devices on
your network, storage based on date and time stamps i.e have a folder
for 2010, 2011, and inside for Jan, April, May, and inside dates... etc.
Lots of options.
HTH,
Michuki.