I have been thinking about the possibility of load balancing my syslogs between my primary NPM poller and my secondary polling engine. By doing this if either one of those systems had to fail back to my hot-standby system all of the log would be automatically re-directed to the still functioning polling system.
I realize to do this I would need to turn on the syslog function on the secondary poller. Aside from that, what other things would I have to do in order to get this to work? Has anybody else done this before?
Also, are the syslog alerting rules stored and processed on the system that receives them? In this case would I need to replicate all of my alerting and escalation rues for syslog on both systems?
I would really like to hear from somebody to find out if and how this may be possible, thanks in advance for any help on this!
Summary of my Questions:
- Has this been done before and is it possible?
- Where are the syslog alerting and escalation rules stored and processed?
- Would I need to replicate these rules on both systems receiving syslogs?
- Also, if this is possible with syslogs would this same concept also be possible for snmp traps?