I’m trying to find a higher paying job and I came across one for a “Syslog-ng Admin/Engineer.” The pay seems promising and the requirements aren’t that long but does ask for experience in syslog-ng. I’ve never heard of this before today. What is syslog-ng and what can I do to get experience with it?
Besides Journal not being available on non-Linux, there are a could of reasons for using syslog: it can log to a remote server for instance. Journal does have a remote logging capability, but at best you have to run two log sinks in parallel, at worse it’s a non starter because everything that’s not a Linux box (network routers, VMware hosts, IDS appliances) can’t speak to it
Another is fine filing and retention. With syslog you can say things like “log NOTICE and above from daemon XYZ to XYZ.log and keep 30 days worth; log everything including DEBUG to XYZ-debug.log, keep no more than 10MB”. With Journal you rotate the entire log or nothing, at least last I looked I couldnt find anything finer. There are namespaces, but that doesn’t compowe, the application needs to know which log goes into which namespace