Rob, Proprietary? Not! It's just BSD Syslog over TCP. See: http://www.ietf.org/html.charters/syslog-charter.html and http://www.ietf.org/internet-drafts/draft-ietf-syslog-reliable-12.txt Regards, Brian At 06:30 PM 8/13/2001 +1000, Robert Collins wrote: >On 12 Aug 2001 16:04:40 -0500, Brian Hatch wrote: > > > > > > > I think it sounds a bit weird that the syslog server is losing data just > > > because of one host sending to much information. > > > > Since syslog uses UDP, and there's no method to enforce > > retransmits of lost UDP datagrams built into the protocol > > itself, it's quite possible for a busy network to cause > > UDP packet loss, and thus the syslogd server will 'miss' > > logs that were sent but not received. > > > >Cisco have a proprietary tcp-syslog that can be used with their PIX >firewalls: does anyone know if thats based on an open standard, or have >they just done a one-off? > >Rob > > > > > > > -- > > Brian Hatch "Faith" means not wanting > > Systems and to know what is true. > > Security Engineer > > http://www.hackinglinuxexposed.com/ > > > > Every message PGP signed > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: loganalysis-unsubscribeat_private >For additional commands, e-mail: loganalysis-helpat_private --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Aug 14 2001 - 14:31:59 PDT