BalaBit Blog

 As you might have already noticed, I'm a great fan of low power machines. Running on just a few watts, these little machines can do amazing things: be a home theater PC or run your local file server. Or they can be used as the central syslog server on your home or small office network, running of course syslog-ng. There are many devices, which can send logs: not only computers, but routers, wifi access points, NAS devices, and even some home automation systems.I have some of these machines on my desk: a Raspberry PI, an EFIKA MX, a CuBox which all run on ARM CPU-s (just like most mobile phones) and an AMD based FitPC-3. Testing my gadgets as logservers For my tests I checked, what was the highest sustained message rate these little machines could receive for a longer period of time. I used 10 TCP connections, as this is the maximum number of devices on an average small network, and because I don't like UDP's “fire and forget” nature. The limitation was CPU most of the time, except for the strongest machine where the storage had also a notable impact on performance. Instead of a configuration tuned especially for high performance, I used stock distribution syslog-ng.conf with minimal performance tuning, like increasing log_fifo_size and log_iw_size. I used the latest available syslog-ng version available for the device: syslog-ng 3.3 for the ARM machines (running Debian) and 3.4 for the AMD machine (running openSUSE). Results Raspberry Pi is the smallest machine in ... [Read More]