Hi All,I need some info , I'm trying to migrate existing syslog server to cribl stream , I have a doubt if the cribl server shuts down for any reason , Is there any way we can get the logs in the timeperiod when the server is down.Note : I'm having only one syslog server.
Question
Is there any way we can get the logs in the timeperiod when the server is down?
With a single box, no, it's the same as with your current Syslog server. If the service is down, logs usually get lost because most Syslog sources can't buffer
No, you will always have the potential of loss. Even with multiple servers, and a load balanced solution, you might run into data loss. Engineering a completely lossless solution is a lot harder than it sounds
thanks for the response. In your opinion what is the ideal solution to collect syslog data using cribl.
Well, I'd still use Cribl. You can use multiple workers plus load balancer to reduce the chance of loss.
Sign up
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.