Security Basics mailing list archives
Re: syslog log collabration
From: Glenn English <ghe () slsware com>
Date: 29 Jul 2003 09:43:56 -0600
On Tue, 2003-07-29 at 03:12, subscribe wrote:
> 1. I'm not sure which syslog daemon to choose: syslogd or syslog-ng. Any comments?

syslogd. Start it with the -r switch to have it listen on port 413, UDP.

> 2. I have to make the syslog daemon secure so that only the hosts I chose can connect. Are there any whitepapers or recommendations on how to do this?

On Linux, use iptables or ipchains as a packet filter.

> 3. I need to have a good syslog analyzer to do the logs, report on email or web. What is the best tool for this?

logwatch does a pretty good job. It's bundled with most Linux distros.

--
Glenn English
ghe () slsware com
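
An added example, not part of the original posts, for the packet-filter answer to question 2: a script that prints (does not apply) iptables rules admitting only listed senders to a UDP syslog receiver and dropping everyone else. The function names are hypothetical, the 192.0.2.x addresses are constructed, and the port defaults to 514/udp, the standard syslog port, unless SYSLOG_PORT is set.

```shell
#!/bin/sh
# Added example: generate an allowlist ruleset for a UDP syslog receiver.
# Rules are only printed for review; nothing here changes the firewall.

SYSLOG_PORT=${SYSLOG_PORT:-514}   # assumption: standard syslog UDP port

# Return 0 if $1 is a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # stray chars, empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Print one ACCEPT rule per sender, then a DROP for all other sources.
# Every address is validated first, so a typo fails the whole run and
# never yields a partial ruleset. With no senders, only the DROP is
# printed (the receiver accepts syslog from nobody).
syslog_allowlist_rules() {
    for host in "$@"; do
        valid_ipv4 "$host" || { echo "bad address: $host" >&2; return 1; }
    done
    for host in "$@"; do
        echo "iptables -A INPUT -p udp -s $host --dport $SYSLOG_PORT -j ACCEPT"
    done
    # -A appends, so this rule is evaluated after the ACCEPT rules above.
    echo "iptables -A INPUT -p udp --dport $SYSLOG_PORT -j DROP"
}

# Constructed sample senders (documentation address range).
syslog_allowlist_rules 192.0.2.10 192.0.2.11
```

UDP source addresses can be spoofed, so these rules limit who can reach the receiver but do not authenticate the sender.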