Re: In what case would there be a switch to Syslog...

ansif · ‎06-27-2019

Do we need Syslog-NG PE?

Currently we are using Syslog-NG OSE. At what case we need to swith to PE?

GergelyBodnar · ‎06-27-2019

Hi,

The main differences between syslog-ng PE and OSE:
- Professional support
- Pre-compiled and deeply tested binaries on various platforms
- PE only features like
WEC (Windows Event Collector),
Splunk destination,
Reliable log transport (ALTP),
Tamperproof log storage with logstore

These are the main differences, rest of them can be found on syslog-ng.com

ansif · ‎06-27-2019

Thanks @GerglyBodnar

Let me ask in this way

What is the challenge of using SyslogNG OSE for Splunk? If in case I just need to have some syslogs written to file and forward using UF.

GergelyBodnar · ‎06-27-2019

If you don't want to utilize Splunk HEC, only using UF then the OSE version also can be a good choice for you. In that case when you have high traffic you have to take care of the load balancing/scaling towards Splunk by yourself.

In what case would there be a switch to Syslog-NG PE?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

Join the Conversation