|
|
LogAnalysis
[logs] UDP/TCP load balancer recommendations Nov 20 2007 02:01AM Steve Bernacki (loganalysis f copacetic net) (3 replies) Re: [logs] UDP/TCP load balancer recommendations Nov 20 2007 09:37AM Daniel San Miguel Reyero (d downby net) Re: [logs] UDP/TCP load balancer recommendations Nov 20 2007 03:11AM Marcin Antkiewicz (loganalysis kajtek org) |
|
Privacy Statement |
> My organization is about to embark on a project to fortify our log
> capture and analysis infrastructure. One item that I've identified
> as being necessary is a load balancer to spread the incoming message
> stream (primarily syslog/udp) across our back-end syslog-ng
> receivers.
Are you really looking to load balance, or are you looking for
redundancy/failover?
If you are really looking for load balancing, you will need a good
solution for event correlation across systems, or you will need to
insert your events into some kind of shared DB or shared FS.
If you are looking for redundancy/failover, you might be better off
having your sources each send to multiple syslog server, with each
server on a different subnet. If your network supports proper routed
multicast and your hosts are using UDP syslog, you can save some
bandwidth by multicasting syslog -- although expect to have many
issues getting that working quite right.
- Morty
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis
[ reply ]