In this review, we compared three log managers: VMware’s Log Insight, Balabit’s Syslog-ng Professional Edition, and SpectorSoft’s SpectorSoft Server Manager. Each offers a way of gathering, compiling, and in the case of VMware, and to a lesser extent, SpectorSoft, making sense of syslogs and Windows Events.
Each vendor’s approach has strengths and decided weaknesses. For syslog and messaging tracking, Syslog-ng Pro is tough to beat as it digests almost anything, works on a vast number of platforms, and has highly tunable message filters. It does not, however, do any analysis—although it will happily cram popular database packages to the gills, at high speed, with filtered, time-stamped log messages.
VMware’s Log Insight can be an almost-must have for VMware infrastructure. It handles a wide variety of log sources via host-installed agents, and has free agent add-ins that add specific brand/model/OS/app details. What’s missing: a larger number of partner/product-specific plug-ins, at least for now. The upshot is that its analysis and dashboard representation of the analysis is very strong, if not quite as vastly heterogeneous as Balabit’s syslog-ng Pro’s.
To continue reading this article register now