System logging with syslog-ng


When operating a production installation the availability and reliability of services, especially those deemed mission-critical, is of primary importance. Most failures, when analysed after the event, could have been prevented had adequate system logging and reporting systems been in place to ensure that the conditions leading up to the failure were noted and remedial action taken. Such automated log analysis tools can only operate effectively if they have a reliable and consistent set of log files to work from.

This document details how to install and configure the syslog-ng system logging daemon to fulfil a variety of requirements ranging from simply collecting the messages generated by a single system and recording them in a text file to receiving the logs from dozens of different machines and storing them in a database for further analysis while sending email notifications of serious events.