Firewall Wizards mailing list archives
More Syslog Questions
From: "Nathaniel Hall" <halln () otc edu>
Date: Tue, 13 Jul 2004 15:10:54 -0500
Since someone asked a question about syslog, I thought I would add a couple of my own. I am in the process of setting up a centralized syslog server running RedHat AS3. Currently, I am using syslog as our daemon, but have heard there are other, better solutions. What do you suggest? Mr. Ranum, you spoke to my co-worker at Usenix on this topic, would you mind posting your response to this: In an effort to make the log server as secure as possible, I would like to find a way to use an append only file system. Unfortunately, if this is done, logs cannot be rotated using logrotate so the server must be taken down to single user mode to rotate the logs, causing the loss of many log entries. Does anybody know of a good append only file system or another solution to achieve the same results? Any feedback is appreciated. ~~~~~~~~~~~~~~~~~~~~~~~~~~ Nathaniel Hall Intrusion Detection and Firewall Technician Ozarks Technical Community College -- Office of Computer Networking 417-799-0552
Current thread:
- More Syslog Questions Nathaniel Hall (Jul 15)
- Re: More Syslog Questions Frank Knobbe (Jul 19)
- Re: More Syslog Questions Devdas Bhagat (Jul 19)
- Re: More Syslog Questions Marcus J. Ranum (Jul 19)
- Re: More Syslog Questions Brian Hatch (Jul 19)
- Re: More Syslog Questions Henning Brauer (Jul 20)
- Re: More Syslog Questions Marcus J. Ranum (Jul 19)
- <Possible follow-ups>
- Re: More Syslog Questions Marcus J. Ranum (Jul 19)
- More Syslog Questions Nathaniel Hall (Jul 19)
- Re: More Syslog Questions The Anarcat (Jul 19)
- Re: More Syslog Questions Bruce Smith (Jul 19)
- Re: More Syslog Questions Marcus J. Ranum (Jul 19)
- Re: More Syslog Questions The Anarcat (Jul 19)
(Thread continues...)