I'm interested in doing centralized logging & analysis of logs from my CentOS boxes. I messed around with syslog-ng and it seems like it's a better syslog. But I noticed most of the "usual suspects" of third-party repo maintainers (Dag, Axel, etc.) don't include it. Karanbir has an el4 version, but all my boxes are CentOS 5. I was going to go ahead and roll my own RPM (or, rather, rebuild Karanbir's el4 version), but it occurred to me to check what others were using in this space. Just sticking with plain old syslogd? Paying for splunk? Is there something else I haven't heard about? johnn