Kiwi Syslog Query Print
Friday, 29 May 2009 15:50

We use a central Kiwi Syslog server to gather all the logs from our ESX servers. Setup is quite easy: just make sure port 514 is open for outgoing UDP traffic. After that, add an entry like this to '/etc/syslog.conf':
*.*              @fqdn.to.the.kiwisyslogserver

 


Make sure you can resolve it!

We then configured Kiwi Syslog to write the messages to a SQL 2005 Enterprise server. From this server we can query the table to show the results. Almost 100 hosts are dumping their logs to that database and it is cool to query that database.

But at times sorting a result set fails because tempdb is full. So I've written a workaround that queries one host at a time. The error message:
"Msg 1105, Level 17, State 2, Line 1
Could not allocate space for object 'dbo.SORT temporary run storage:  189277503029248' in database 'tempdb' because the 'PRIMARY' filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup."

Our server names are labeled <something>00001, <something>00002, ..., <something>00096, etc.

So I needed the host number padded with leading zeros to five digits. In SQL you can do that like this:

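-- Query one host at a time so each sort stays small
declare @name int
set @name = 1
-- <= 96 so the last host (<something>00096) is included
WHILE @name <= 96
BEGIN
    -- right('00000' + n, 5) left-pads the number with zeros: 1 -> 00001
    select *
    from dbo.Syslogd
    where MsgHostname = '<something>' + right('00000' + cast(@name as varchar(5)), 5) + '.yourfqdn.here'
      and MsgText like '%0/7 0x0%'
    order by MsgDate desc
    set @name = @name + 1
END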
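
An added example, not part of the original post: the same per-host loop, driven by the hostnames actually present in dbo.Syslogd instead of a hard-coded counter, so hosts that fall outside the numbering scheme are covered too. The variable names, the varchar lengths and the row cap are assumptions; the table and column names are the ones used in the query above.

```sql
-- Added example. Assumptions: MsgHostname fits in varchar(255);
-- @pattern and @maxRows are illustrative values.
-- Uses only syntax available in SQL Server 2005.
DECLARE @host    varchar(255)
DECLARE @pattern varchar(100)
DECLARE @maxRows int
SET @pattern = '%0/7 0x0%'   -- same filter as the query above
SET @maxRows = 500           -- cap on rows returned per host

-- Iterate over the hosts that have actually logged something.
DECLARE host_cursor CURSOR LOCAL FAST_FORWARD FOR
    SELECT DISTINCT MsgHostname
    FROM dbo.Syslogd
    WHERE MsgHostname LIKE '%.yourfqdn.here'

OPEN host_cursor
FETCH NEXT FROM host_cursor INTO @host

WHILE @@FETCH_STATUS = 0
BEGIN
    -- One small result set per host, newest messages first.
    SELECT TOP (@maxRows) MsgDate, MsgHostname, MsgText
    FROM dbo.Syslogd
    WHERE MsgHostname = @host
      AND MsgText LIKE @pattern
    ORDER BY MsgDate DESC

    FETCH NEXT FROM host_cursor INTO @host
END

CLOSE host_cursor
DEALLOCATE host_cursor
```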
