Date: Jun 16, 2009

First choice to make in my syslog project is which daemon to use. Syslog-ng seems to be the best supported by the community. Rsyslog is also another contender.

I started down the path of using Syslog-ng. Solaris is our platform of choice for infrastructure systems. I've spent several weeks (part time) trying to get Syslog-ng to compile on Solaris 10. I've had different problems on x86, sun4u and sun4v. I've tried 3.x, 2.x, and 1.6.x.

After a particularly frustrating afternoon of build errors with Syslog-ng, I decided to give Rsyslog a shot. I first downloaded the version dubbed 'stable', 3.22.0. It had a couple of build problems right out of the box that were Solaris specific. They showed up clearly on the mailing lists. The build problems were addressed in the 4.x branch, so I downloaded 4.1.7. It compiled and installed without incident.

At this point, I think I'm going with Rsyslog. It has all the features I need and doesn't look like it will consume much of my time.

Tomorrow I'll try to create a package for Solaris with SMF and default config file.