Why would stunnel be involved? I don't need to secure the communication across the link. I just want to know if and how to setup a syslog-ng server to pull logs from groups or remote hosts in contrast to receiving them like you would normally configure a syslog server to send logs to a remote host. So can you configure syslog-ng to pull logs? On Nov 13, 2007 10:23 PM, Matt Cuttler <mcuttler@bnl.gov> wrote:
Jon Sabo wrote:
Is it possible to use syslog-ng to pull logs from a remote host? If you had a network where only inbound sessions were allowed but nothing was allowed to initiate a connection back, could you have a central syslog-ng server that went out and initiated connections/sessions to remote hosts and pulled back logs?
You could run an stunnel daemon on the remote host; from your centralized syslog-ng collector you would initiate the stunnel connection to said remote host.
I.e. use the central collector in stunnel client mode, and set up an stunnel in server mode on the remote host.
The premium/commercial syslog-ng supports TLS/SSL, but I don't know if you can differentiate between client and server the same way which you can do with an external tool such as stunnel.
-Matt Cuttler _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html