After having read the scale of some of the systems/configurations being discussed on the list, I feel pretty cheesy in even mentioning this, but my little Linksys cable/dsl NATing router will send syslog messages to either a unicast address or to the broadcast address of the LAN's ethernet segment. It works. And if broadcasting works on this $100 toy then I would assume that it will work on bigger/fancier systems. Just my $0.02. John At 13:53 08/10/01 -0700, dgillettat_private wrote: >*snip* > > [Yes, there are exceptions: The Cisco 30xx VPN concentrators >(originally Altiga) allow a list, and I've verified that when two >addresses are entered they both receive all entries.] > > The thing is, standard syslog uses UDP, so if the log server >hiccups (or needs a reboot, or whatever), the info is lost. I'm not >sure how far the new syslog-sec proposal goes towards remedying that. > > Have people experimented with sending syslog to a broadcast / >multicast destination instead of a single host? Did it work? > >David Gillett --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Tue Aug 21 2001 - 07:49:14 PDT