Hi Syslog-ng Developers, I have a few general questions regarding syslog-ng as below. 1) What is the type of transmission (Asynchronous/Synchronous) used for the transfer of log messages between server and remote client? 2) I understand that Syslog-ng is able to store unsent messages from remote client to server in the local hardisk during network/system outrage. Will syslog-ng be able to resume with the unsent messages upon the revive of the network/system? If possible, how can we configure/setup to achieve that? 3) In view of security, how can we configure remote client and server to perform authentication (using X.509 certificates) during log message forwarding? 4) Is the forwarding of log message between remote client and server consider real-time? (assume syn=0) Do pardon if the questions appears ignorant.Thanks for the time! Best Regards, Dyne Lai
1) What? Asynchronous/synchronous communication is a term used to describe 2 way communication over physical medium. Syslog-ng message relaying is one way and over tcp or udp. 2) Yes syslog-ng will send the unsent messages. You need the premium version for this feature. 3) You can use vpn tunnels or some other type of tunnel for this. Syslog-ng does not have any built-in transport encryption. 4) If youre asking are messages forwarded to remote syslog-ng server as soon as theyre received, it can be configured this way yes. Or it can buffer them and send in bursts. Sent: Tuesday, May 25, 2010 2:20:58 AM From: Dyne Lai <dynelai@gmail.com> To: syslog-ng@lists.balabit.hu Subject: [syslog-ng] Quick Questions
Hi Syslog-ng Developers,
I have a few general questions regarding syslog-ng as below. 1) What is the type of transmission (Asynchronous/Synchronous) used for the transfer of log messages between server and remote client?
2) I understand that Syslog-ng is able to store unsent messages from remote client to server in the local hardisk during network/system outrage. Will syslog-ng be able to resume with the unsent messages upon the revive of the network/system? If possible, how can we configure/setup to achieve that?
3) In view of security, how can we configure remote client and server to perform authentication (using X.509 certificates) during log message forwarding?
4) Is the forwarding of log message between remote client and server consider real-time? (assume syn=0)
Do pardon if the questions appears ignorant.Thanks for the time!
Best Regards, Dyne Lai ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
3) Doesn't syslog-ng do TLS encryption? On Tue, May 25, 2010 at 9:15 AM, Patrick H. <syslogng@feystorm.net> wrote:
1) What? Asynchronous/synchronous communication is a term used to describe 2 way communication over physical medium. Syslog-ng message relaying is one way and over tcp or udp.
2) Yes syslog-ng will send the unsent messages. You need the premium version for this feature.
3) You can use vpn tunnels or some other type of tunnel for this. Syslog-ng does not have any built-in transport encryption.
4) If youre asking are messages forwarded to remote syslog-ng server as soon as theyre received, it can be configured this way yes. Or it can buffer them and send in bursts.
Sent: Tuesday, May 25, 2010 2:20:58 AM From: Dyne Lai <dynelai@gmail.com> <dynelai@gmail.com> To: syslog-ng@lists.balabit.hu Subject: [syslog-ng] Quick Questions
Hi Syslog-ng Developers,
I have a few general questions regarding syslog-ng as below. 1) What is the type of transmission (Asynchronous/Synchronous) used for the transfer of log messages between server and remote client?
2) I understand that Syslog-ng is able to store unsent messages from remote client to server in the local hardisk during network/system outrage. Will syslog-ng be able to resume with the unsent messages upon the revive of the network/system? If possible, how can we configure/setup to achieve that?
3) In view of security, how can we configure remote client and server to perform authentication (using X.509 certificates) during log message forwarding?
4) Is the forwarding of log message between remote client and server consider real-time? (assume syn=0)
Do pardon if the questions appears ignorant.Thanks for the time!
Best Regards, Dyne Lai ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- ______________________________________________________________ Clayton Dukes ______________________________________________________________
Oh ya, forgot about that. Premium edition feature again :-) It'd probably be best to contact balabit sales for all the details on the premium edition features. The mailing list is most familiar with the open source edition. Besides, thats what the sales people get paid for :-P Sent: Tuesday, May 25, 2010 7:27:44 AM From: Clayton Dukes <cdukes@gmail.com> To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Quick Questions
3) Doesn't syslog-ng do TLS encryption?
On Tue, May 25, 2010 at 9:15 AM, Patrick H. <syslogng@feystorm.net <mailto:syslogng@feystorm.net>> wrote:
1) What? Asynchronous/synchronous communication is a term used to describe 2 way communication over physical medium. Syslog-ng message relaying is one way and over tcp or udp.
2) Yes syslog-ng will send the unsent messages. You need the premium version for this feature.
3) You can use vpn tunnels or some other type of tunnel for this. Syslog-ng does not have any built-in transport encryption.
4) If youre asking are messages forwarded to remote syslog-ng server as soon as theyre received, it can be configured this way yes. Or it can buffer them and send in bursts.
Sent: Tuesday, May 25, 2010 2:20:58 AM From: Dyne Lai <dynelai@gmail.com> <mailto:dynelai@gmail.com> To: syslog-ng@lists.balabit.hu <mailto:syslog-ng@lists.balabit.hu> Subject: [syslog-ng] Quick Questions
Hi Syslog-ng Developers,
I have a few general questions regarding syslog-ng as below. 1) What is the type of transmission (Asynchronous/Synchronous) used for the transfer of log messages between server and remote client?
2) I understand that Syslog-ng is able to store unsent messages from remote client to server in the local hardisk during network/system outrage. Will syslog-ng be able to resume with the unsent messages upon the revive of the network/system? If possible, how can we configure/setup to achieve that?
3) In view of security, how can we configure remote client and server to perform authentication (using X.509 certificates) during log message forwarding?
4) Is the forwarding of log message between remote client and server consider real-time? (assume syn=0)
Do pardon if the questions appears ignorant.Thanks for the time!
Best Regards, Dyne Lai ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- ______________________________________________________________
Clayton Dukes ______________________________________________________________ ------------------------------------------------------------------------
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
The manual says TLS is in the OSE It's disk buffering that is in Premium On Tuesday 25 May 2010 16:03:48 Patrick H. wrote:
Oh ya, forgot about that. Premium edition feature again :-) It'd probably be best to contact balabit sales for all the details on the premium edition features. The mailing list is most familiar with the open source edition. Besides, thats what the sales people get paid for :-P
Sent: Tuesday, May 25, 2010 7:27:44 AM From: Clayton Dukes <cdukes@gmail.com><mailto:cdukes@gmail.com> To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu><mailto:syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Quick Questions 3) Doesn't syslog-ng do TLS encryption?
On Tue, May 25, 2010 at 9:15 AM, Patrick H. <syslogng@feystorm.net<mailto:syslogng@feystorm.net>> wrote: 1) What? Asynchronous/synchronous communication is a term used to describe 2 way communication over physical medium. Syslog-ng message relaying is one way and over tcp or udp.
2) Yes syslog-ng will send the unsent messages. You need the premium version for this feature.
3) You can use vpn tunnels or some other type of tunnel for this. Syslog-ng does not have any built-in transport encryption.
4) If youre asking are messages forwarded to remote syslog-ng server as soon as theyre received, it can be configured this way yes. Or it can buffer them and send in bursts.
Sent: Tuesday, May 25, 2010 2:20:58 AM From: Dyne Lai <dynelai@gmail.com><mailto:dynelai@gmail.com> To: syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> Subject: [syslog-ng] Quick Questions
Hi Syslog-ng Developers,
I have a few general questions regarding syslog-ng as below. 1) What is the type of transmission (Asynchronous/Synchronous) used for the transfer of log messages between server and remote client?
2) I understand that Syslog-ng is able to store unsent messages from remote client to server in the local hardisk during network/system outrage. Will syslog-ng be able to resume with the unsent messages upon the revive of the network/system? If possible, how can we configure/setup to achieve that?
3) In view of security, how can we configure remote client and server to perform authentication (using X.509 certificates) during log message forwarding?
4) Is the forwarding of log message between remote client and server consider real-time? (assume syn=0)
Do pardon if the questions appears ignorant.Thanks for the time!
Best Regards, Dyne Lai ___________________________________________________________________________ ___ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
___________________________________________________________________________ ___ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- ______________________________________________________________
Clayton Dukes ______________________________________________________________
________________________________
___________________________________________________________________________ ___ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- Alan McKinnon Systems Engineer^W Technician Infrastructure Services Internet Solutions +27 11 575 7585 Please note: This email and its content are subject to the disclaimer as displayed at the following link http://www.is.co.za/legal/E-mail+Confidentiality+Notice+and+Disclaimer.htm. Should you not have Web access, send a mail to disclaimers@is.co.za and a copy will be emailed to you.
Well, that'll teach me to open up an outdated doc :-) Ya, I was reading the 2.0 doc since we run a lot of RHEL4 boxes, I tend to open that once since features it has newer versions also have. Sent: Tuesday, May 25, 2010 1:11:53 PM From: Alan McKinnon <Alan.McKinnon@is.co.za> To: syslog-ng@lists.balabit.hu "Patrick H." <syslogng@feystorm.net>, "cdukes@cdukes.com" <cdukes@cdukes.com> Subject: Re: [syslog-ng] Quick Questions
The manual says TLS is in the OSE
It's disk buffering that is in Premium
On Tuesday 25 May 2010 16:03:48 Patrick H. wrote:
Oh ya, forgot about that. Premium edition feature again :-) It'd probably be best to contact balabit sales for all the details on the premium edition features. The mailing list is most familiar with the open source edition. Besides, thats what the sales people get paid for :-P
Sent: Tuesday, May 25, 2010 7:27:44 AM From: Clayton Dukes <cdukes@gmail.com><mailto:cdukes@gmail.com> To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu><mailto:syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Quick Questions 3) Doesn't syslog-ng do TLS encryption?
On Tue, May 25, 2010 at 9:15 AM, Patrick H. <syslogng@feystorm.net<mailto:syslogng@feystorm.net>> wrote: 1) What? Asynchronous/synchronous communication is a term used to describe 2 way communication over physical medium. Syslog-ng message relaying is one way and over tcp or udp.
2) Yes syslog-ng will send the unsent messages. You need the premium version for this feature.
3) You can use vpn tunnels or some other type of tunnel for this. Syslog-ng does not have any built-in transport encryption.
4) If youre asking are messages forwarded to remote syslog-ng server as soon as theyre received, it can be configured this way yes. Or it can buffer them and send in bursts.
Sent: Tuesday, May 25, 2010 2:20:58 AM From: Dyne Lai <dynelai@gmail.com><mailto:dynelai@gmail.com> To: syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> Subject: [syslog-ng] Quick Questions
Hi Syslog-ng Developers,
I have a few general questions regarding syslog-ng as below. 1) What is the type of transmission (Asynchronous/Synchronous) used for the transfer of log messages between server and remote client?
2) I understand that Syslog-ng is able to store unsent messages from remote client to server in the local hardisk during network/system outrage. Will syslog-ng be able to resume with the unsent messages upon the revive of the network/system? If possible, how can we configure/setup to achieve that?
3) In view of security, how can we configure remote client and server to perform authentication (using X.509 certificates) during log message forwarding?
4) Is the forwarding of log message between remote client and server consider real-time? (assume syn=0)
Do pardon if the questions appears ignorant.Thanks for the time!
Best Regards, Dyne Lai ___________________________________________________________________________ ___ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
___________________________________________________________________________ ___ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
-- ______________________________________________________________
Clayton Dukes ______________________________________________________________
________________________________
___________________________________________________________________________ ___ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html
On Tue, 2010-05-25 at 08:03 -0600, Patrick H. wrote:
Oh ya, forgot about that. Premium edition feature again :-)
no, it is in the OSE version since 3.0.
It'd probably be best to contact balabit sales for all the details on the premium edition features. The mailing list is most familiar with the open source edition. Besides, thats what the sales people get paid -- Bazsi
On Tue, 2010-05-25 at 07:15 -0600, Patrick H. wrote:
1) What? Asynchronous/synchronous communication is a term used to describe 2 way communication over physical medium. Syslog-ng message relaying is one way and over tcp or udp.
2) Yes syslog-ng will send the unsent messages. You need the premium version for this feature.
the premium edition is only needed for disk based buffering. of course the OSE version also supports memory based queueing, and those get sent when the connection breaks.
3) You can use vpn tunnels or some other type of tunnel for this. Syslog-ng does not have any built-in transport encryption.
hmm.. it does support TLS. in my understanding it is a transport encryption.
4) If youre asking are messages forwarded to remote syslog-ng server as soon as theyre received, it can be configured this way yes. Or it can buffer them and send in bursts.
-- Bazsi
participants (5)
-
Alan McKinnon
-
Balazs Scheidler
-
Clayton Dukes
-
Dyne Lai
-
Patrick H.