[logs] libpcap-based syslogd?

• Previous message: Sujit: "[logs] problems with syslog configuration"
• Next in thread: Bennett Todd: "[logs] Re: libpcap-based syslogd?"
• Reply: Bennett Todd: "[logs] Re: libpcap-based syslogd?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Anybody heard of a syslogd based on libpcap?

I got the idea when thinking about a problem we saw at work; some
gizmos were syslogging with bad udp checksums, and the log messages
were therefor getting tossed by the udp stack, never making it to
syslog-ng. While tossing packets with bad udp checksums sounds
right, and seems to be mandated by RFC 1122 section 4.1.3.4, it'd be
handy to have a daemon parked sniffing 514/udp and scribbling the
syslog msgs contained in pkts with bad UDP checksums to a special
logfile.

-Bennett

• application/pgp-signature attachment: stored

_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Previous message: Sujit: "[logs] problems with syslog configuration"
• Next in thread: Bennett Todd: "[logs] Re: libpcap-based syslogd?"
• Reply: Bennett Todd: "[logs] Re: libpcap-based syslogd?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Feb 07 2005 - 16:30:05 PST