Re: [logs] SDSC Secure Syslog

From: Balazs Scheidler (bazsiat_private)
Date: Tue Dec 10 2002 - 15:38:12 PST


    On Fri, Dec 06, 2002 at 10:33:15AM +1100, Darren Reed wrote:
    > In some mail from Tom Perrine, sie said:
    > > Aha!  Yes, I suspect that our ideas about input channels, switch
    > > logic and output channels are *very* similar.  Our config files are
    > > probably very reminiscent as well.  And your implementation predates
    > > syslog-reliable, right?  We also looked at syslog-signed and ...
    > 
    > My implementation predates the IETF group forming (as does syslog-ng).
    > A bunch of people on the list even convinced me to wander over to the
    > USA to say a few words at the first BOF for the IETF group :)
    > CVS locally tells me I started on it in April 1998 but that might
    > just have been when I started using CVS for it.  Seems like a whole
    > lifetime ago now!
    
    It must have been somewhat earlier. My CVS records show that the first
    version 1.0 had its first commit on 2nd July 1998 (this was directly
    derived from nsyslogd); the syslog-ng 1.2 (this was the version when syslog-ng
    was rewritten) commit was made on 8th February 1999.
    
    * My opinion about BEEP is that it is overkill. BEEP is simply too
      complicated, that's why it is not yet supported by syslog-ng. TCP transport
      solves most problems we had with UDP, and using BEEP doesn't give us
      anything new or exciting. Encryption can simply be carried out by wrapping
      the TCP stream into SSL.
    
    * Performance is not really an issue, syslog-ng has been in use in sites
      with over 10k hosts. The bottleneck is your disk and not the syslog daemon
      itself. 
    
    * The problem with timestamps should be solved, however; being able to send a
      complete time on the wire is desperately needed. I'm thinking about either
      including a timestamp in UTC + source time zone, or a complete time stamp
      with year + zone information. The first would be easier to implement, the
      second would be more like the current protocol.
    
    -- 
    Bazsi
    PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
    _______________________________________________
    LogAnalysis mailing list
    LogAnalysisat_private
    http://lists.shmoo.com/mailman/listinfo/loganalysis
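
The timestamp problem raised in the message above, as an added example that is not part of the original post or of syslog-ng: a collector resolving a year-less, zone-less BSD syslog stamp has to guess both the year and the sender's offset, while either proposed form pins the instant. The function names, the field layout of the first form and the use of ISO 8601 for the second are assumptions.

```python
from datetime import datetime, timedelta, timezone

UTC = timezone.utc

def resolve_bsd_timestamp(stamp, received_utc, assumed_offset):
    """Turn a year-less, zone-less stamp ("Dec 31 23:59:58") into UTC.

    The receiver has to guess the sender's UTC offset and the year; here the
    year is whichever candidate lands closest to the time of receipt.
    """
    tz = timezone(assumed_offset)
    year = received_utc.astimezone(tz).year
    candidates = []
    for y in (year - 1, year, year + 1):
        try:
            parsed = datetime.strptime(f"{y} {stamp}", "%Y %b %d %H:%M:%S")
        except ValueError:  # unparseable, or "Feb 29" in a non-leap year
            continue
        candidates.append(parsed.replace(tzinfo=tz))
    if not candidates:
        raise ValueError(f"cannot interpret timestamp: {stamp!r}")
    return min(candidates, key=lambda c: abs(c - received_utc)).astimezone(UTC)

def encode_utc_plus_zone(event):
    """First option: UTC time plus the source zone (field layout assumed)."""
    utc_part = event.astimezone(UTC).strftime("%Y-%m-%dT%H:%M:%SZ")
    return utc_part + " " + event.strftime("%z")

def encode_full_local(event):
    """Second option: complete local time with year and zone (ISO 8601 assumed)."""
    return event.isoformat()

if __name__ == "__main__":
    # Constructed sample: sender at UTC-8, collector receives 8 seconds later.
    received = datetime(2002, 12, 10, 23, 38, 20, tzinfo=UTC)
    for guess in (timedelta(hours=-8), timedelta(hours=1)):
        resolved = resolve_bsd_timestamp("Dec 10 15:38:12", received, guess)
        print(f"{guess.total_seconds() / 3600:+.0f}h guess -> {resolved}")
    event = datetime(2002, 12, 10, 15, 38, 12,
                     tzinfo=timezone(timedelta(hours=-8)))
    print(encode_utc_plus_zone(event))
    print(encode_full_local(event))
```

A wrong offset guess moves the same log line by hours in a merged timeline, which is the correlation error both proposed forms remove.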
    



    This archive was generated by hypermail 2b30 : Tue Dec 10 2002 - 15:48:34 PST