Re: [fw-wiz] More Syslog Questions
From: Frank Knobbe (frank_at_knobbe.us)
Date: 07/16/04
- Previous message: Santos: "[fw-wiz] Firewalling at the domain users level instead of network level"
- In reply to: Nathaniel Hall: "[fw-wiz] More Syslog Questions"
- Next in thread: Iņaki Arenaza: "Re: [fw-wiz] More Syslog Questions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Nathaniel Hall <halln@otc.edu> Date: Fri, 16 Jul 2004 00:02:16 -0500
On Tue, 2004-07-13 at 15:10, Nathaniel Hall wrote:
> In an effort to make the log server as secure as possible, I would
> like to find a way to use an append only file system. Unfortunately,
> if this is done, logs cannot be rotated using logrotate so the server
> must be taken down to single user mode to rotate the logs, causing the
> loss of many log entries.
May I suggest you look at alternative syslog daemons? I personally
prefer syslog-ng. I have it configured so that that it creates unique
files each day named <year>-<month>-<day>-messages, -firewall, -auth,
etc. No need to rotate the logs as you have one file per day per log
type. It is very easy to configure.
Furthermore you can forward syslog messages between hosts via TCP which
makes it very easy to tunnel data over SSL or SSH to a central log
server.
Check it out at http://www.balabit.com/products/syslog_ng
Regards,
Frank
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: Santos: "[fw-wiz] Firewalling at the domain users level instead of network level"
- In reply to: Nathaniel Hall: "[fw-wiz] More Syslog Questions"
- Next in thread: Iņaki Arenaza: "Re: [fw-wiz] More Syslog Questions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
