summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/manual.html2
-rw-r--r--doc/rsyslog_ng_comparison.html514
2 files changed, 354 insertions, 162 deletions
diff --git a/doc/manual.html b/doc/manual.html
index 80358f39..46bfd958 100644
--- a/doc/manual.html
+++ b/doc/manual.html
@@ -60,7 +60,7 @@ modules</a></li>
<li><a href="rsyslog_stunnel.html">ssl-encrypting
syslog with stunnel</a></li>
<li><a href="rsyslog_mysql.html">writing syslog
-messages to MySQL</a></li>
+messages to MySQL (and other databases as well)</a></li>
<li><a href="rsyslog_high_database_rate.html">writing
massive amounts of syslog messages to a database</a></li>
<li><a href="rsyslog_php_syslog_ng.html">using
diff --git a/doc/rsyslog_ng_comparison.html b/doc/rsyslog_ng_comparison.html
index 07ceb09d..6a9d9bd8 100644
--- a/doc/rsyslog_ng_comparison.html
+++ b/doc/rsyslog_ng_comparison.html
@@ -1,15 +1,17 @@
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head>
-<meta content="de" http-equiv="Content-Language"><title>rsyslog vs. syslog-ng - a comparison</title></head>
+<meta content="de" http-equiv="Content-Language"><title>rsyslog vs. syslog-ng - a comparison</title>
+
+</head>
<body>
<h1>rsyslog vs. syslog-ng</h1>
<p><small><i>Written by <a href="http://www.gerhards.net/rainer">Rainer Gerhards</a>
-(2008-02-15)</i></small></p>
+(2008-02-28)</i></small></p>
<p>We have often been asked about a comparison sheet between
rsyslog and syslog-ng. Unfortunately, I do not know much about
syslog-ng, I did not even use it once. Also, there seems to be no
-comprehensive feature sheet available for syslog-ng (that recently changed, see
-below). So I started this
+comprehensive feature sheet available for syslog-ng (that recently
+changed, see below). So I started this
comparison, but it probably is not complete. For sure, I miss some
syslog-ng features. This is not an attempt to let rsyslog shine more
than it should. I just used the <a href="features.html">rsyslog
@@ -25,319 +27,509 @@ comparison sheet, so please don't be shy ;)</p>
<td valign="top"><b>rsyslog</b></td>
<td valign="top"><b>syslog-ng</b></td>
</tr>
+
+
<tr>
-<td valign="top">support for on-demand on-disk
-spooling of messages</td>
+<td colspan="3" valign="top"><br><b>Input Sources</b><br></td>
+</tr>
+<td valign="top">UNIX domain socket</td>
<td valign="top">yes</td>
-<td valign="top">paid edition only</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">ability to configure backup
-syslog/database servers </td>
+<td valign="top">UDP</td>
<td valign="top">yes</td>
-<td valign="top">no</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">ability to generate file names and
-directories (log targets) dynamically</td>
-<td valign="top">yes</td>
+<td valign="top">TCP</td>
<td valign="top">yes</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">control of log output format,
-including ability to present channel and priority as visible log data</td>
+<td valign="top">RFC 3195/BEEP</td>
+<td valign="top">yes (needs separate build process)</td>
+<td valign="top">no<td>
+</tr>
+<tr>
+<td valign="top">kernel log</td>
<td valign="top">yes</td>
-<td valign="top">not sure...</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">good timestamp format control; at a
-minimum, ISO 8601/RFC 3339 second-resolution UTC zone</td>
+<td valign="top">file</td>
<td valign="top">yes</td>
-<td valign="top">? (I guess so)</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">ability to reformat message
-contents and work with substrings</td>
+<td valign="top">mark message generator as an optional input</td>
<td valign="top">yes</td>
-<td valign="top">I think yes</td>
+<td valign="top">no (?)<td>
</tr>
<tr>
-<td valign="top">support for log files larger than
-2gb</td>
+<td valign="top">Windows Event Log</td>
+<td valign="top">via <a href="http://www.eventreporter.com">EventReporter</a>
+or <a href="http://www.mwagent.com">MonitorWare Agent</a>
+(both commercial software)</td>
+<td valign="top">via separate Windows agent, paid edition only</td>
+</tr>
+
+
+<tr>
+<td colspan="3" valign="top"><b><br>Network (Protocol) Support</b><br></td>
+</tr>
+<tr>
+<td valign="top">support for (plain) tcp based syslog</td>
<td valign="top">yes</td>
<td valign="top">yes</td>
</tr>
<tr>
-<td valign="top">support for log file size limitation
-and automatic rollover command execution</td>
+<td valign="top">support for GSS-API</td>
+<td valign="top">yes</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td valign="top">ability to limit the allowed
+network senders (syslog ACLs)</td>
<td valign="top">yes</td>
<td valign="top">yes (?)</td>
</tr>
<tr>
-<td valign="top">support for running multiple
-syslogd instances on a single machine</td>
+<td valign="top">support for syslog-transport-tls
+based framing on syslog/tcp connections</td>
<td valign="top">yes</td>
-<td valign="top">? (but I think yes)</td>
+<td valign="top">no (?)</td>
</tr>
<tr>
-<td valign="top">ability to filter on any part of
-the message, not just facility and severity</td>
+<td valign="top">udp syslog</td>
<td valign="top">yes</td>
<td valign="top">yes</td>
</tr>
<tr>
-<td valign="top">ability to use regular expressions
-in filters</td>
+<td valign="top">on the wire (zlib) message
+compression</td>
<td valign="top">yes</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td valign="top">support for receiving messages via
+reliable <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">RFC
+3195</a> delivery</td>
<td valign="top">yes</td>
+<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">support for discarding messages
-based on filters</td>
+<td valign="top">support for <a href="rsyslog_stunnel.html">ssl-protected
+syslog</a> </td>
+<td valign="top"><a href="rsyslog_stunnel.html">via
+stunnel</a></td>
+<td valign="top">via stunnel<br>
+paid edition natively</td>
+</tr>
+<tr>
+<td valign="top">support for IETF's new
+syslog-protocol draft</td>
<td valign="top">yes</td>
-<td valign="top">?</td>
+<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">ability to execute shell scripts on
-received messages</td>
+<td valign="top">support for IPv6</td>
<td valign="top">yes</td>
<td valign="top">yes</td>
</tr>
<tr>
-<td valign="top">ability to pipe messages to a
-continously running program</td>
-<td valign="top">no</td>
+<td valign="top">native ability to send SNMP traps</td>
<td valign="top">yes</td>
+<td valign="top">?</td>
</tr>
<tr>
-<td valign="top">powerful BSD-style hostname and
-program name blocks for easy multi-host support</td>
+<td valign="top">ability to preserve the original
+hostname in NAT environments and relay chains</td>
+<td valign="top">yes</td>
<td valign="top">yes</td>
-<td valign="top">no</td>
</tr>
+
+
<tr>
-<td valign="top">massively multi-threaded for
-tomorrow's multi-core machines</td>
+<td colspan="3" valign="top"><br><b>Message Filtering</b><br></td>
+</tr>
+<td valign="top">Filtering for syslog facility and priority</td>
<td valign="top">yes</td>
-<td valign="top">no (only multithreaded with database destinations)</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">ability to control repeated line
-reduction ("last message repeated n times") on a per selector-line basis</td>
+<td valign="top">Filtering for hostname</td>
<td valign="top">yes</td>
-<td valign="top">yes (?)</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">ability to include config file from
-within other config files</td>
+<td valign="top">Filtering for application</td>
<td valign="top">yes</td>
-<td valign="top">no</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td height="25" valign="top">ability to include all config files
-existing in a specific directory</td>
-<td height="25" valign="top">yes</td>
-<td height="25" valign="top">no</td>
+<td valign="top">Filtering for message contents</td>
+<td valign="top">yes</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">supports multiple actions per
-selector/filter condition</td>
+<td valign="top">Filtering for sending IP address</td>
<td valign="top">yes</td>
-<td valign="top">?</td>
+<td valign="top">yes<td>
</tr>
<tr>
-<td valign="top">plug-in interface</td>
+<td valign="top">ability to filter on any other message
+field not mentioned above
+(including substrings and the like)</td>
<td valign="top">yes</td>
<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">Windows Event Log gatherer</td>
-<td valign="top">via <a href="http://www.eventreporter.com">EventReporter</a>
-or <a href="http://www.mwagent.com">MonitorWare Agent</a>
-(both commercial software)</td>
-<td valign="top">via Windows agent, paid edition only</td>
+<td>support for complex filters, using full boolean algebra
+with and/or/not operators and parenthesis</td>
+<td>yes</td>
+<td>yes</td>
</tr>
<tr>
-<td valign="top">config file format</td>
-<td valign="top">compatible to legacy syslogd but
-ugly</td>
-<td valign="top">clean but not backwards compatible</td>
+<td>Support for reusable filters: specify a filter once and
+use it in multiple selector lines</td>
+<td>no</td>
+<td>yes</td>
</tr>
<tr>
-<td valign="top">web interface</td>
-<td valign="top"><a href="http://www.phplogcon.org">phpLogCon</a><br>
-[also works with <a href="http://freshmeat.net/projects/php-syslog-ng/">
-php-syslog-ng</a>]</td>
-<td valign="top"><a href="http://freshmeat.net/projects/php-syslog-ng/">
-php-syslog-ng</a></td>
+<td>support for arbritrary complex arithmetic and string
+expressions inside filters</td>
+<td>yes</td>
+<td>no</td>
</tr>
<tr>
-<td valign="top">using text files as input source</td>
+<td valign="top">ability to use regular expressions
+in filters</td>
+<td valign="top">yes</td>
<td valign="top">yes</td>
+</tr>
+<tr>
+<td valign="top">support for discarding messages
+based on filters</td>
<td valign="top">yes</td>
+<td valign="top">yes<td>
+</tr>
+<tr>
+<td valign="top">powerful BSD-style hostname and
+program name blocks for easy multi-host support</td>
+<td valign="top">yes</td>
+<td valign="top">no</td>
+</tr>
+<tr>
+<td></td>
+<td></td>
+<td></td>
</tr>
<tr>
-<td valign="top">rate-limiting output actions</td>
-<td valign="top">yes</td>
+<td colspan="3" valign="top"><br><b>Supported Database Outputs</b><br></td>
+</tr>
+<tr>
+<td valign="top">MySQL</td>
+<td valign="top"><a href="rsyslog_mysql.html">yes</a>
+(native ommysql,&nbsp;<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">yes (via libdibi)</td>
+</tr>
+<tr>
+<td valign="top">PostgreSQL</td>
+<td valign="top">yes (native ompgsql,&nbsp;<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">yes (via libdibi)</td>
+</tr>
+<tr>
+<td valign="top">Oracle</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">yes (via libdibi)</td>
+</tr>
+<tr>
+<td valign="top">SQLite</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">yes (via libdibi)</td>
+</tr>
+<tr>
+<td valign="top">Microsoft SQL (Open TDS)</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td valign="top">Sybase (Open TDS)</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td valign="top">Firebird/Interbase</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td valign="top">Ingres</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td valign="top">mSQL</td>
+<td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td>
+<td valign="top">no (?)</td>
+</tr>
+
+
+<tr>
+<td colspan="3" valign="top"><br><b>Enterprise Features</b><br></td>
+</tr>
+<tr>
+<td valign="top">support for on-demand on-disk
+spooling of messages</td>
<td valign="top">yes</td>
+<td valign="top">paid edition only</td>
</tr>
<tr>
-<td valign="top">discard low-priority messages under
-system stress</td>
+<td valign="top">ability to limit disk space used
+by spool files</td>
+<td valign="top">yes</td>
<td valign="top">yes</td>
-<td valign="top">no (?)</td>
</tr>
<tr>
-<td height="43" valign="top">flow control
-(slow down message reception when system is busy)</td>
-<td height="43" valign="top">limited (TCP
-Window, delay on queue full)</td>
-<td height="43" valign="top">yes (limited,
-too? "stops accepting messages")</td>
+<td valign="top">each action can use its own, independant
+set of spool files</td>
+<td valign="top">yes</td>
+<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">rewriting messages</td>
+<td valign="top">different sets of spool files can
+be placed on different disk</td>
<td valign="top">yes</td>
-<td valign="top">yes (at least I think so...)</td>
+<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">output data into various formats</td>
+<td valign="top">ability to configure backup
+syslog/database servers </td>
<td valign="top">yes</td>
-<td valign="top">yes (looks somewhat limited to me)</td>
+<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">ability to control "message
-repeated n times" generation</td>
+<td>Professional Support</td>
+<td><a href="professional_support.html">yes</a></td>
+<td>yes</td>
+</tr>
+
+
+<tr>
+<td colspan="3" valign="top"><br><b>Config File</b><br></td>
+</tr>
+<tr>
+<td valign="top">config file format</td>
+<td valign="top">compatible to legacy syslogd but
+ugly</td>
+<td valign="top">clean but not backwards compatible</td>
+</tr>
+<tr>
+<td valign="top">ability to include config file from
+within other config files</td>
<td valign="top">yes</td>
-<td valign="top">no (?)</td>
+<td valign="top">no</td>
</tr>
<tr>
-<td valign="top">license</td>
-<td valign="top">GPLv3 (GPLv2 for v2 branch)</td>
-<td valign="top">GPL (paid edition is closed source)</td>
+<td height="25" valign="top">ability to
+include all config files
+existing in a specific directory</td>
+<td height="25" valign="top">yes</td>
+<td height="25" valign="top">no</td>
</tr>
+
+
+
<tr>
-<td valign="top">supported platforms</td>
-<td valign="top">Linux, BSD, anecdotical seen on
-Solaris</td>
-<td valign="top">many popular *nixes</td>
+<td colspan="3" valign="top"><br><b>Extensibility</b><br></td>
</tr>
<tr>
-<td valign="top">DNS cache</td>
+<td valign="top">Functionality split in separately loadable
+modules</td>
+<td valign="top">yes</td>
+<td valign="top">no</td>
+</tr>
+<tr>
+<td valign="top">Support for third-party input plugins</td>
+<td valign="top">yes</td>
<td valign="top">no</td>
+</tr>
+<tr>
+</tr>
+<td valign="top">Support for third-party output plugins</td>
<td valign="top">yes</td>
+<td valign="top">no</td>
</tr>
-<tr><td>Professional Support</td><td><a href="professional_support.html">yes</a></td><td>yes</td></tr><tr>
-<td valign="top"><b><br>
-Network (Protocol) Support<br>
-&nbsp;</b></td>
-<td valign="top">&nbsp;</td>
-<td valign="top">&nbsp;</td>
-</tr>
+
<tr>
-<td valign="top">support for (plain) tcp based syslog</td>
+<td colspan="3" valign="top"><br><b>Other Features</b><br></td>
+</tr>
+<tr>
+<tr>
+<td valign="top">ability to generate file names and
+directories (log targets) dynamically</td>
<td valign="top">yes</td>
<td valign="top">yes</td>
</tr>
<tr>
-<td valign="top">support for GSS-API</td>
+<td valign="top">control of log output format,
+including ability to present channel and priority as visible log data</td>
<td valign="top">yes</td>
-<td valign="top">no (?)</td>
+<td valign="top">not sure...</td>
</tr>
<tr>
-<td valign="top">ability to limit the allowed
-network senders (syslog ACLs)</td>
+<td valign="top">good timestamp format control; at a
+minimum, ISO 8601/RFC 3339 second-resolution UTC zone</td>
+<td valign="top">yes</td>
<td valign="top">yes</td>
-<td valign="top">yes (?)</td>
</tr>
<tr>
-<td valign="top">support for syslog-transport-tls
-based framing on syslog/tcp connections</td>
+<td valign="top">ability to reformat message
+contents and work with substrings</td>
<td valign="top">yes</td>
-<td valign="top">no (?)</td>
+<td valign="top">I think yes</td>
</tr>
<tr>
-<td valign="top">udp syslog</td>
+<td valign="top">support for log files larger than
+2gb</td>
<td valign="top">yes</td>
<td valign="top">yes</td>
</tr>
-
<tr>
-<td valign="top">on the wire (zlib) message
-compression</td>
+<td valign="top">support for log file size
+limitation
+and automatic rollover command execution</td>
+<td valign="top">yes</td>
<td valign="top">yes</td>
-<td valign="top">no (?)</td>
</tr>
<tr>
-<td valign="top">support for receiving messages via
-reliable <a href="http://www.monitorware.com/Common/en/glossary/rfc3195.php">RFC
-3195</a> delivery</td>
+<td valign="top">support for running multiple
+syslogd instances on a single machine</td>
<td valign="top">yes</td>
+<td valign="top">? (but I think yes)</td>
+</tr>
+<tr>
+<td valign="top">ability to execute shell scripts on
+received messages</td>
+<td valign="top">yes</td>
+<td valign="top">yes</td>
+</tr>
+<tr>
+<td valign="top">ability to pipe messages to a
+continously running program</td>
<td valign="top">no</td>
+<td valign="top">yes</td>
</tr>
<tr>
-<td valign="top">support for <a href="rsyslog_stunnel.html">ssl-protected
-syslog</a> </td>
-<td valign="top"><a href="rsyslog_stunnel.html">via
-stunnel</a></td>
-<td valign="top">via stunnel<br>
-paid edition natively</td>
+<td valign="top">massively multi-threaded for
+tomorrow's multi-core machines</td>
+<td valign="top">yes</td>
+<td valign="top">no (only multithreaded with
+database destinations)</td>
</tr>
<tr>
-<td valign="top">support for IETF's new
-syslog-protocol draft</td>
+<td valign="top">ability to control repeated line
+reduction ("last message repeated n times") on a per selector-line basis</td>
<td valign="top">yes</td>
-<td valign="top">no</td>
+<td valign="top">yes (?)</td>
</tr>
<tr>
-<td valign="top">support for IPv6</td>
+<td valign="top">supports multiple actions per
+selector/filter condition</td>
+<td valign="top">yes</td>
+<td valign="top">yes<td>
+</tr>
+<tr>
+<td valign="top">web interface</td>
+<td valign="top"><a href="http://www.phplogcon.org">phpLogCon</a><br>
+[also works with <a href="http://freshmeat.net/projects/php-syslog-ng/">
+php-syslog-ng</a>]</td>
+<td valign="top"><a href="http://freshmeat.net/projects/php-syslog-ng/">
+php-syslog-ng</a></td>
+</tr>
+<tr>
+<td valign="top">using text files as input source</td>
<td valign="top">yes</td>
<td valign="top">yes</td>
</tr>
<tr>
-<td valign="top">native ability to send SNMP traps</td>
+<td valign="top">rate-limiting output actions</td>
+<td valign="top">yes</td>
<td valign="top">yes</td>
-<td valign="top">?</td>
</tr>
<tr>
-<td valign="top">ability to preserve the original
-hostname in NAT environments and relay chains</td>
+<td valign="top">discard low-priority messages under
+system stress</td>
<td valign="top">yes</td>
+<td valign="top">no (?)</td>
+</tr>
+<tr>
+<td height="43" valign="top">flow control
+(slow down message reception when system is busy)</td>
+<td height="43" valign="top">limited (TCP
+Window, delay on queue full)</td>
+<td height="43" valign="top">yes (limited,
+too? "stops accepting messages")</td>
+</tr>
+<tr>
+<td valign="top">rewriting messages</td>
<td valign="top">yes</td>
+<td valign="top">yes (at least I think so...)</td>
</tr>
<tr>
-<td valign="top"><span style="font-weight: bold;"><br>
-Supported Database Outputs<br>
-&nbsp;</span></td>
-<td valign="top"></td>
-<td valign="top"></td>
+<td valign="top">output data into various formats</td>
+<td valign="top">yes</td>
+<td valign="top">yes (looks somewhat limited to me)</td>
</tr>
-
<tr>
-<td valign="top">MySQL</td>
-<td valign="top"><a href="rsyslog_mysql.html">yes</a> (native ommysql,&nbsp;<a href="omlibdbi.html">omlibdbi</a>)</td>
-<td valign="top">yes (via libdibi)</td>
+<td valign="top">ability to control "message
+repeated n times" generation</td>
+<td valign="top">yes</td>
+<td valign="top">no (?)</td>
</tr>
<tr>
-<td valign="top">PostgreSQL</td>
-<td valign="top">yes (native ompgsql,&nbsp;<a href="omlibdbi.html">omlibdbi</a>)</td>
-<td valign="top">yes (via libdibi)</td>
+<td valign="top">license</td>
+<td valign="top">GPLv3 (GPLv2 for v2 branch)</td>
+<td valign="top">GPL (paid edition is closed source)</td>
</tr>
-<tr><td valign="top">Oracle</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">yes (via libdibi)</td></tr><tr><td valign="top">SQLite</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">yes (via libdibi)</td></tr><tr><td valign="top">Microsoft SQL (Open TDS)</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">no (?)</td></tr><tr><td valign="top">Sybase (Open TDS)</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">no (?)</td></tr><tr><td valign="top">Firebird/Interbase</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">no (?)</td></tr><tr><td valign="top">Ingres</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">no (?)</td></tr><tr><td valign="top">mSQL</td><td valign="top">yes (<a href="omlibdbi.html">omlibdbi</a>)</td><td valign="top">no (?)</td></tr></tbody>
+<tr>
+<td valign="top">supported platforms</td>
+<td valign="top">Linux, BSD, anecdotical seen on
+Solaris</td>
+<td valign="top">many popular *nixes</td>
+</tr>
+<tr>
+<td valign="top">DNS cache</td>
+<td valign="top">no</td>
+<td valign="top">yes</td>
+</tr>
+
+
+</tbody>
</table>
+<p>While the <span style="font-weight: bold;">rsyslog</span>
+project was initiated in 2004, it <span style="font-weight: bold;">is
+build on the main author's (Rainer Gerhards) 12+ years of
+logging&nbsp;experience</span>. Rainer, for example, also
+wrote the first <a href="http://www.winsyslog.com/Common/en/News/WinSyslog-1996-03-31.php">Windows
+syslog server</a> in early 1996 and invented the <a href="http://www.eventreporter.com/Common/en/News/EvntSLog-1997-03-23.php">eventlog-to-syslog</a>
+class of applications in early 1997. He did custom logging development
+and consulting even before he wrote these products. Rsyslog draws on
+that vast experience and sometimes even on the code.</p>
<p>Based on a discussion I had, I also wrote about the <b>political
argument why it is good to have another strong syslogd besides syslog-ng</b>.
You may want to read it at my blog at "<a href="http://rgerhards.blogspot.com/2007/08/why-does-world-need-another-syslogd.html">Why
does the world need another syslogd?</a>".</p>
-<p>Balabit, the vendor of syslog-ng, has just recently done a feature sheet. I
-have not yet been able to fully work through it. In the mean time, you may want
-to read it in parallel. It is available at
-<a href="http://www.balabit.com/network-security/syslog-ng/features/detailed/">
-Balabit's site</a>.</p>
-<p>This document is current as of 2008-02-15 and definitely
+<p>Balabit, the vendor of syslog-ng, has just recently done a
+feature sheet. I have not yet been able to fully work through it. In
+the mean time, you may want to read it in parallel. It is available at
+<a href="http://www.balabit.com/network-security/syslog-ng/features/detailed/">Balabit's
+site</a>.</p>
+<p>This document is current as of 2008-02-28 and definitely
incomplete (I did not yet manage to complete it!).</p>
-</body></html> \ No newline at end of file
+</body></html>