Meraki / Syslog
We've recently started a trial of a Meraki MX90 security appliance. To get a full detailed log of internet usage, we need to attach an external syslog server.
Firstly, although I'll be logging interenet usage for all machines n school, it's all coming from one security appliance - do I need a server that will handle ~700 connections, or is it just 1 connection (in which case, a free app will do it).
Secondly, if I do need ~700 connections, is there a free/open source/GPL syslog server available you can recommend?
Cheers in advance
It just comes from the MX box. Be warned that you are going to need a LOT of disk space for the log messages if you plan on retaining full usage logging for 700 workstations. The Meraki logs are quite verbose.
You will also probably need to develop some sort of solution to analyse the logs if you want any meaningful data out of them...
have you any suggestions for a reasonable open source/GPL solution for both the server and a reporting tool?
Never processed anything with that sort of volume in production. I think you'll need something that logs to a database rather than flatfile given your need to interrogate the data. I've been using Splunk recently (not OSS but free edition available). The free version is limited to 500MB of data per day though, and you might find you go over that!
Be interested to see your thoughts on the MX90 i'm tempted to get one in one trial.