NOTE: The blog section has a write up on establishing a secure syslog server environment.
NOTE: SDSC Secure syslog appears to be a dead project.
The is informational only. We recommend looking at rsyslog or syslog-ng as alternatives.
The SDSC Secure Syslog (also known as High Performance Syslog) is a project to build a next-generation system audit and logging facility. The goal is to build a system logging facility that addresses these problems with UDP "syslog classic":
- high volume of system logs at medium and large sites (such as e-commerce sites or ISPs) can easily overwhelm "classic" syslog and its UDP transport mechanism;
- this encourages sites to either not create some logs or to frequently roll them over and discard old log messages;
- even when used as well as possible, UDP syslog has no integrity or security features;
- which makes it difficult to conduct investigations of computer-related crime and related incidents.
|
SDSC Secure Syslog Links | |
|
License: |
Open Source |
|
Home Page: | |
|
Support Mailing List: | |
Site