<html><body><div style="font-family: arial, helvetica, sans-serif; font-size: 12pt; color: #000000"><div><br></div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><blockquote style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"Alex Carver" <agcarver+ale@acarver.net><br><b>To: </b>ale@ale.org<br><b>Sent: </b>Friday, September 11, 2015 12:39:28 PM<br><b>Subject: </b>Re: [ale] [Fwd: Advertising on ale.org] - OT MS vs Apple vs Linux/UNIX<br></blockquote></div><div data-marker="__QUOTED_TEXT__"><blockquote style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><br><br>1. Keep nothing locally (Storage=none) and run a second daemon<br>(rsyslogd, syslog-ng) alongside journald to process everything as I do<br><br></blockquote><div><br></div><div>I think syslog-ng is one of the best logging solutions. On my device I've used rsylogd and the syslog in Busybox. For the past 5 years I've been using syslong-ng.</div><div><br data-mce-bogus="1"></div><div>Once I really learned how to configure it I modified my daemons that were logging to their own files to then log to syslog-ng. I then used regex in the config to duplicate those syslog messages to specific files for each daemon. This allows me to quickly see what is going on in the software while maintaining syslog compatibility.</div><div><br data-mce-bogus="1"></div><div>syslog-ng also routes inbound messages (from remote devices) by source ip. Those are stored in their own files as well. Software watches those messages and can look for 100s of regex matches on that stream. Any match creates a trouble ticket and deploys a technician to the location.</div><div><br data-mce-bogus="1"></div><div><br data-mce-bogus="1"></div></div></div></body></html>