[logs] syslog & Win2k?

From: Mike Blomgren (mike.blomgrenat_private)
Date: Fri Dec 14 2001 - 05:56:52 PST


    I'm interested in hearing some 'real world' experience with running a
    syslog daemon on Win2k, and would like to hear your opinions.
    
    We're a 'mixed' OS shop, with *nix and MS platforms. We need to have
    the syslog from several (8-10) production webservers log to a
    dedicated syslogd host. For political reasons, the receiving syslogd
    host is a Win2k (something I'd like to change...). However, Win2k
    doesn't handle syslog by default. So, my question is really: which
    syslog daemon for Win 2k would you suggest, and why?
    
    Another concern is security. The syslog will contain sensitive
    information, and we need to be certain that the syslog contains correct
    information, and is not tampered with. Also, to perform the logging, the
    syslog has to pass a firewall situated between the webservers and the
    syslogd host. Security implications? Should we trust syslogd, or would
    you recommend nsyslogd, or the such?...
    
    I realise this is a lot to ask for, but I'd really appreciate some
    real-world experience. I know there are a lot of logical and practical
    issues in the above scenario, such as issues of stability, authenticity,
    availability, analysis of the syslog info, etc, etc...
    
    TIA
    
    Regards,
    
    ~Mike
    
    
    
    Mike Blomgren
    CCNOX Security Management & Technology AB 
    Box 5227 
    102 45  STOCKHOLM
    
    www.ccnox.com
    


