On Tue, 2007-04-03 at 10:51 -0400, Mike wrote:
The new docs look very nice.
On this page: http://www.balabit.com/common-dl/syslog-ng-admin-guide_en.html/ch02s03.html
it makes reference to a syslog-ng agent running on Windows, by saying this:
"...Microsoft Windows based hosts can run only the syslog-ng agent. The syslog-ng agent operates only in client mode."
Is there any more information on this? I can't seem to find any. it sounds like a replacement for 'snare', and sounds very interesting.
The Windows agent program is in the deployment phase in one of our local projects, but is not available generally as of yet. It collects eventlog messages and has support for reading traditional log files (as many Windows applications use flat files instead of eventlog) and feed them into syslog-ng using TCP and optionally SSL/TLS encryption. -- Bazsi