Great idea, but running in stealth mode isn't a function of syslog-ng, it's a function of a network capture tool such as tcpdump or ngrep. Use these tools (or something like them) to capture the traffic and perhaps dump the syslog contents to a file (need to do a little scripting here perhaps, though not much) and have syslog-ng read from that file.

On 9/13/05, Albretch Mueller <lbrtchx@hotmail.com> wrote:
Hi *,
I would like for system logs like the ones produced by the kernel, iptables (generally in /var/log/syslog), as well as any other applications running in a Linux-based router to be processed by an ng-syslog client and just popped as UDP packets.
I looked into http://www.campin.net/syslog-ng/faq.html and couldn't see any particular info on this specifically, and I also searched http://marc.theaimsgroup.com/?l=syslog-ng for 'stealth' and didn't get any hits (a search on 'UDP' would dump millions of hits on you ;-)).
How could you do something like that?
Thanks,
Albretch
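The "little scripting" step suggested in the reply above, as an added example that is not part of the original thread: it pulls UDP syslog payloads out of a capture file such as one written by `tcpdump -w`, so they can be appended to a file that syslog-ng reads. It assumes a classic pcap with Ethernet framing and IPv4; the function names, the sample capture and the output file name are constructed for illustration.

```python
import struct

def syslog_payloads(pcap_bytes, port=514):
    """Extract UDP syslog messages from a classic pcap (Ethernet + IPv4 only)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    messages, pos = [], 24
    while pos + 16 <= len(pcap_bytes):
        caplen = struct.unpack(endian + "I", pcap_bytes[pos + 8:pos + 12])[0]
        frame = pcap_bytes[pos + 16:pos + 16 + caplen]
        pos += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4 (VLAN-tagged frames are skipped too)
        ihl = (frame[14] & 0x0F) * 4
        fragment = struct.unpack("!H", frame[20:22])[0] & 0x3FFF
        if frame[23] != 17 or fragment:
            continue  # not UDP, or an IP fragment we cannot reassemble here
        udp = frame[14 + ihl:]
        if len(udp) < 8:
            continue
        dport, ulen = struct.unpack("!HH", udp[2:6])
        if dport == port:
            messages.append(udp[8:ulen].decode("utf-8", "replace").rstrip("\r\n\x00"))
    return messages

def _frame(dport, payload):
    """Constructed Ethernet/IPv4/UDP frame (checksums left at zero)."""
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return b"\x02" * 12 + b"\x08\x00" + ip + udp

def sample_pcap():
    """Constructed capture: two syslog datagrams and one unrelated DNS-port one."""
    frames = [_frame(514, b"<4>kernel: constructed iptables DROP line"),
              _frame(53, b"not syslog"),
              _frame(514, b"<13>app: constructed message\n")]
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + b"".join(
        struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

if __name__ == "__main__":
    # Append to a file syslog-ng can be configured to read (file name is an assumption).
    with open("captured-syslog.log", "a") as out:
        out.writelines(m + "\n" for m in syslog_payloads(sample_pcap()))
```

Because the capturing interface needs no IP address, the messages are recorded without the collector ever answering on the network; datagrams dropped by the capture tool are lost silently, so the capture's drop counters are worth monitoring.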