How about bringing it in as an alternate? For example, there 5-6
different mail
programs, 3 smpt deamons, at least 2 http deamons, and a couple news deamons
already in the distribution. The people that want to try out the new daemon can
do so and if they don't get hacked, other people might try it too. I'd vote for
making it available, but not the default.
But let's also consider this. According to freshmeat, it was last updated in
March 2003. Is it being maintained? Or is it done?
http://www.balabit.com/products/syslog_ng/upgrades.bbq
last release was 15 days ago.
I would advocate moving slowly for security related items. Logging is
a
cornerstone of security.
Which is why I advocate bringing in syslog-ng, if not as a replacement
at least as an option for a syslog daemon.
syslog-ng supports regexs on logs, splitting on hostname, separate
scripts per instance, tcp, alternate ports, stunnel wrapping of the
whole daemon.
it's head and shoulders above syslogd and I can personally say I've been
running it on our central loghost for > 4 yrs now w/o a problem.
-sv