In this review, we compared three log managers: VMware’s Log Insight, Balabit’s Syslog-ng Professional Edition, and SpectorSoft’s SpectorSoft Server Manager. Each offers a way of gathering, compiling and -- in the case of VMware, and to a lesser extent, SpectorSoft -- making sense of syslogs and Windows events.
Each vendor’s approach has strengths and decided weaknesses. For syslog and messaging tracking, Syslog-ng Pro is tough to beat as it digests almost anything, works on a vast number of platforms and has highly tunable message filters. It does not, however, do any analysis -- although it will happily cram popular database packages to the gills, at high speed, with filtered, time-stamped log messages.
VMware’s Log Insight can be an almost-must have for VMware infrastructure. It handles a wide variety of log sources via host-installed agents, and has free agent add-ins that add specific brand/model/OS/app details. What’s missing: a larger number of partner/product-specific plug-ins, at least for now. The upshot is that its analysis and dashboard representation of the analysis is very strong, if not quite as vastly heterogeneous as Balabit’s syslog-ng Pro’s.
To continue reading this article register now