From owner-freebsd-security Mon Jun 5 3:37:55 2000 Delivered-To: freebsd-security@freebsd.org Received: from Athena.za.net (athena.za.net [196.30.167.200]) by hub.freebsd.org (Postfix) with ESMTP id BE40D37C117 for ; Mon, 5 Jun 2000 03:37:42 -0700 (PDT) (envelope-from jus@security.za.net) Received: from localhost (jus@localhost) by Athena.za.net (8.9.3/8.9.3) with ESMTP id MAA00325; Mon, 5 Jun 2000 12:36:32 +0200 (SAST) (envelope-from jus@security.za.net) X-Authentication-Warning: Athena.za.net: jus owned process doing -bs Date: Mon, 5 Jun 2000 12:36:31 +0200 (SAST) From: Justin Stanford X-Sender: jus@Athena.za.net To: Dag-Erling Smorgrav Cc: jason schwab , freebsd-security@FreeBSD.ORG, petef@databits.net, ghandi@mindless.com, amb78@nmia.com, nmlug@swcp.com Subject: Re: Syslog question... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Syslog-ng is great. Supports logging over tcp streams to any and all kinds of files, etc. Regards, jus -- Justin Stanford 082 7402741 jus@security.za.net www.security.za.net IT Security and Solutions On 5 Jun 2000, Dag-Erling Smorgrav wrote: > "jason schwab" writes: > > I am going to have two public machines; and one machine > > that will do nothing except be a backup of syslog from both > > the public machines. on the syslog backup machine; is there > > any way to have different files from the logs coming from > > the different hosts? I dont want all the logs from both > > machines into the same files on to the logging backup > > machine.... > > If you want to use the stock FreeBSD syslogd, you'll have to run > multiple instances of syslogd with separate config files. Short of > hacking syslogd to allow the UDP port to be specified on the command > line and/or in the config file, the easiest way to do this is assign > multiple IP addresses to the logging machine and run each instance of > syslogd in a separate jail with a separate IP address. If you build a > static syslogd binary, the jail need not contain much: > /etc/syslog.conf, an empty /var/run directory, and your log files. > > If I were you, though, I'd take a look at the various other syslogd > implementations out there (ssyslogd and msyslogd at least). > > DES > -- > Dag-Erling Smorgrav - des@flood.ping.uio.no > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message