syslog vs fluentd
| | syslog | fluentd |
|---|---|---|
| Definition | A standard (protocol) for message logging | A logging agent that pulls, processes, and pushes log messages |
| Run as | rsyslogd (for PKS) | fluentd, or run as a container |
| Transport protocol | TCP/UDP/RELP | HTTP/HTTPS |
| Log source | wide range of network devices | log files/network/socket/execution/etc. |
| Pros | supports a wide range of network devices, like routers | more secure if using HTTPS; customizable configurations for log sources, filter rules, tagging, reformatting; consistency of log messages |
| Cons | message loss if using UDP; log entries are not very human readable; hard to process logs (e.g. tag, reformat); security issue (one machine could impersonate another machine to send bogus log events) | log sources need to be added manually |
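
The impersonation risk listed under the syslog cons comes from the hostname in a syslog message being whatever the sender writes into it. The following collector-side check is an added example, not part of the original page: it parses the RFC 3164 header and compares the claimed hostname with an inventory of which sender address may use which name. The inventory, addresses and sample datagrams are constructed for illustration.

```python
import re

# RFC 3164 header: <PRI>Mmm dd hh:mm:ss HOSTNAME TAG: message
RFC3164 = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$",
    re.DOTALL,
)

# Assumed inventory (constructed): hostnames each sender address may claim.
EXPECTED_HOSTS = {
    "192.0.2.10": {"web01"},
    "192.0.2.20": {"db01"},
}

def check_datagram(src_ip, payload, inventory=EXPECTED_HOSTS):
    """Return (verdict, claimed_host) for one received syslog datagram.

    verdict: "ok", "unparseable", "unknown-sender" or "hostname-mismatch".
    """
    m = RFC3164.match(payload.decode("utf-8", errors="replace"))
    if m is None or int(m["pri"]) > 191:  # PRI = facility*8 + severity, max 191
        return "unparseable", None
    claimed = m["host"].lower()
    allowed = inventory.get(src_ip)
    if allowed is None:
        return "unknown-sender", claimed
    if claimed not in allowed:
        return "hostname-mismatch", claimed
    return "ok", claimed

# Constructed sample traffic: (source address seen by the collector, datagram).
SAMPLES = [
    ("192.0.2.10", b"<34>Oct 11 22:14:15 web01 sshd[411]: Accepted publickey for deploy"),
    ("192.0.2.20", b"<34>Oct 11 22:14:16 web01 sshd[411]: Accepted publickey for root"),
    ("198.51.100.7", b"<13>Oct 11 22:14:17 db01 app: backup finished"),
    ("192.0.2.10", b"not a syslog line"),
]

def audit(samples=SAMPLES):
    # One verdict per sample, in order.
    return [check_datagram(ip, data)[0] for ip, data in samples]

if __name__ == "__main__":
    for (ip, data), verdict in zip(SAMPLES, audit()):
        print(f"{ip:<13} {verdict:<18} {data[:40]!r}")
```

Over UDP the source address is not authenticated either, so this check only surfaces inconsistencies; reliable sender identity needs an authenticated transport such as TLS.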