For those who aren’t aware of these two logging methods, the journal is the current standard method of storing and reading system (and some other) log files, essential to improving how your system runs and troubleshooting errors. In many ways, it’s a big improvement over what existed before which were individual syslog text files which requires search and parsing skills plus didn’t always have the information you needed.
As the blog describes,
This is fine if you only want to look at logs on your local machine, but this breaks down when you want to look for something across several machines in your network. Today, the systemd journal not only is mostly limited to reading local logs, as a newer technology many older at times very powerful apps don’t support collecting data directly from the journal.
To provide that traditional versatility, enter syslog-ng.
Enhanced, syslog-ng not only exports the journal log data into the older, traditional format for use with a multitude of tools, it’s also by itself a powerful tool for parsing what you want from the data.
The blog is short, and probably a worthwhile read no matter what level openSUSE User you may be.
zypper in syslog-ng
Retrieving repository 'Packman Repository' metadata .........................[done]
Building repository 'Packman Repository' cache ..............................[done]
Loading repository data...
Reading installed packages...
Resolving package dependencies...
Problem: systemd-logger-237-4.1.x86_64 conflicts with namespace:otherproviders(sysl
og) provided by syslog-ng-3.14.1-1.1.x86_64
Solution 1: deinstallation of systemd-logger-237-4.1.x86_64
Solution 2: do not install syslog-ng-3.14.1-1.1.x86_64
**Choose from above solutions by number or cancel [1/2/c] (c): **c
To me,
That looks like something that should be submitted to https://bugzilla.opensuse.org
Namespace collision errors can be missed, and should be easy for someone to fix.
If you haven’t submitted a bug before, do so and become a contributing member(and should be easy to do)!
I am using “rsyslog” with Leap 42.3. On that conflict, I went with “pick 1”. But I only had to do that, because “rsyslog” was not on the install DVD. For Leap 15.0, it looks as if “rsyslog” is on the install DVD. If you pick it at install time, you won’t have to uninstall something else, because nothing is yet installed.
As for which? It really depends on what you want. I’ve been using Linux and other unix variants for a long time. So I am used to looking at logfiles. So having logfiles is the best choice for me. For somebody coming to linux with no prior familiarity, allowing systemd-journal to manage the log records might well be the best approach.