On Sun, Sep 09, 2007 at 09:04:54AM -0700, Shahin Ansari wrote:
> Greetings-
> I have some questions regarding firewall testing:
> 1- Seems I am losing some syslog messages. I have kiwi on a xp pc,
> and most of time it is running at 100% so I know it is running full
> speed, and it is overloaded. My Goal is to capture the critical
> messages, and I am thinking of rate-limiting the other categories
> which I do not care about in hope to see the more critical messages.
> Any other suggestions?

Switch to BSD system with syslog-ng?
Send critical messages via tcp, while letting non-critical ones flow via udp?

firewall-wizards mailing list