You mean.. Log all activity on the box and forward it off to another device, storing nothing locally? Declare a source of /dev/log. Declare a sole udp destination of the IP you want to log to. (I've always liked the idea of a home or office network being logged to the inside NAT broadcast address so any workstation can monitor logging, but I'm weird like that.) Remove all lines that log to files. And you're done. - billn On Tue, 13 Sep 2005, Albretch Mueller wrote:
Hi *,
I would like for system logs like the ones produced by the kernel, iptable (generally in /var/log/syslog), as well as anyother applications running in a Linux-based router to be processed by an ng-syslog client and just popped as UDP packets
I looked into http://www.campin.net/syslog-ng/faq.html and couldn't see any particular info on this specifically and I also search http://marc.theaimsgroup.com/?l=syslog-ng for 'stealth' and didn't get any hits (a search on 'UDP' would dump millions of hits on you ;-))
How could you do something like that?
Thanks Albretch
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html