PaulDotCom mailing list archives

Re: Setting up a syslog server


From: "Chris Hembrow" <chris.hembrow () lifestylegroup co uk>
Date: Mon, 7 Jan 2013 08:35:16 -0000

Hi,

I've recently set one up using OSSEC; not strictly a syslog server, but
it supports Syslog inputs in addition to supporting its own agents which
send logs encrypted.  Turn on the "log_all" option and all logs are
archived and automatically rotated and gzipped.  I'm using it with
Splunk and the Splunk for OSSEC app.

I've used syslog-ng in the past, and liked the flexibility of being able
to tailor how the logs are processed, but found most of the Windows
agents (such as Snare) rather clunky.  Of course, if you're not looking
at pulling in Windows logs then that's not an issue.

Chris 

From: pauldotcom-bounces () mail pauldotcom com
[mailto:pauldotcom-bounces () mail pauldotcom com] On Behalf Of Robin Wood
Sent: 06 January 2013 19:16
To: PaulDotCom Mailing List
Subject: [Pauldotcom] Setting up a syslog server

Hi
I'm going to be setting up a syslog server for the first time next week,
can anyone recommend any good guides?

I know there are quite a few out there but want a good, tested, one.

Robin

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
