Re: Simultaneously write syslog to another server?

From: James (
Date: 04/19/02

From: "James" <>
Date: Fri, 19 Apr 2002 11:04:34 +0100

"David Hart" <> wrote in message
> Remy Sharp <> wrote:
> > For security purposes I want to be able to write the events logged
> > using syslog to another machine (so that if a potential hacker does
> > clean his/her steps - there is a copy I can go by).
> >
> > Does anyone know if:
> >
> > a) this is possible
> > b) this is worth doing
> > c) if there is a simple way of doing this -OR-
> > d) there is a (preferably free) program to do this
> Start syslogd with the '-r' option on the machine you want to log to.
> On the machine you want to log from edit /etc/syslog.conf and add the
> line "*.*"
> --
> David Hart

Hint i was given is also to re-compile syslogd so that it takes its
configuration from a different file (something un obvious eg.
/home/<user>/mythesis.txt) and set the option to export to a different
server there. Then leave a default syslogd.conf in /etc so the intruder
doesn't realise there's more logs to clear.
Think this tip came from who've got papers on
setting this sort of thing up, you could try looking there.