Gert - My fault for not making it clearer - I responded to the general group with the answer to this. Todd ----- Original Message ----- From: "Gert Menke" <gert@menke.za.net> To: "todd glassey" <todd.glassey@worldnet.att.net> Cc: <syslog-ng@lists.balabit.hu> Sent: Sunday, January 20, 2002 7:27 AM Subject: Re: [syslog-ng][PATCH] netmask-filter
Hi!
I like it and all that it is missing is Thanks, but I don't see what those things have to do with my patch?
1) A mechansim of proving delivery receipt - i.e. reliable
delivery
of syslog information Hm, using tcp insted of udp could improve things a bit, but not every syslogd supports that.
2) A mechanism of watermarking or timestamping with a reliable
time
abse so that the records can stand up to evidentiary use model reqyuirements. Yes, that could be useful. I heard about a program called multilog a few days ago; IIRC it is able to do such things. (You would need to pipe your syslog data to multilog via destination{program("multilog...");}; or so.) Does anybody on this list know more about this?
BTW: Is it possible to customize the logfile format of syslog-ng? I would like something like: <local timestamp><source ip><host><sender's timestamp><message>
3) A uniform Syslog Event Query Interface (XDAS or DOORS
compliant
would be nice too!). Could you explain that a little more?
Greetings Gert
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng