[Dshield] Remote logging via syslogd

mark rowlands mark.rowlands at mypost.se
Mon Sep 29 17:59:00 GMT 2003


> -----Original Message-----
> From: list-bounces at dshield.org 
> [mailto:list-bounces at dshield.org] On Behalf Of Jon R. Kibler
> Sent: Monday, September 29, 2003 4:26 PM
> To: list at dshield.org
> Subject: [Dshield] Remote logging via syslogd
> 
> Greetings:
> 
> We are remotely managing a couple of Sparc boxes. We want to 
> do centralized logging, where syslogd on the remote systems 
> logs to our local log server. This is essentially a 
> brain-dead configuration, if we want to do logging over the 
> Internet in plain text. In fact, we tested the configuration 
> and it worked first time.
> 
> However, logging in plain text will not cut it -- too much 
> information is leaked for this to work in a production 
> environment. What we really want to do is to route the remote 
> logs through a secure tunnel. We were thinking this was the 
> perfect job for stunnel, until we remembered that stunnel 
> doesn't support UDP.
> 
> Any thoughts on an easy way to do real-time secure remote 
> logging between Sparc boxes?

Syslog-ng  ? 





More information about the list mailing list