Hello sysloggers, Forgive my ignorance and lack of mailing list experience - I failed to figure out how to dig for information in the archives, and could find nothing in the docs. Please give some links to the archive search, or to archive FAQ, if any exist. I am responsible for monitoring and audit log collection in a very sensitive project. No cleartext communication is allowed between any nodes. Log collection server will be a Solaris based cluster (Veritas or SC or homegrown failover/loadalancing method) Under certain circumstances, tunnelling the traffic may introduce more than prevent vulnerabilities, specifically, by hiding the traffic from firewals and local packet filters. Therefore, an ideal solution for syslog so far looks like numbering and encrypting/signing each individual syslog message (obviously, on the fly, to prevent local tampering), and broadcast it to the syslog subnet for stealth pickup by both nodes of the syslog cluster. Is it something that can be acieved using syslog-ng, or the effort of building the relevant extentions for syslog-ng and to a vanilla Solaris syslog is equal? Many thanks in advance for any pointers, hints and suggestions Regards, Andrei