[syslog-ng]Syslog tunneling

dan@devirtus.com dan@devirtus.com
Thu, 22 Mar 2001 10:04:24 -0500 (EST)


Yes, I have been able to do it using stunnel.  The only issue you will run
across is that of windows clients to the log-box.  I am not very familiar
with windows (long live UNIX...) and was unable to get even a tcp based
client to work, let alone tcp wrapped under SSL.  I have been thinking
about conning one of the windows programmers around my office (although
they all _claim_ not to know windows) to write a windows based tcp client
under stunnel.  I've looked at the windows API for recieving the streams
of events and it doesn't look to difficult, but I'm just not a windows
programmer.  Anyway, if you are doing it strictly under unix, or don't
mind having a mixed UNIX/TCP/SSL and Windows/UDP/Cleartext environment you
should be fine.  The only trouble I think I had when I set it up was
figuring out the daemon mode vs. inetd mode for stunnel.  Should be no
sweat.  -Dan


On Thu, 22 Mar 2001, Dennis wrote:

> Hi,
> 
> I'm trying to setup a secure way of remote logging by means of tunneling.
> I'm running syslog-ng so I'm able to do remote logging
> over tcp instead of udp. But the setup is as usual 1 loghost and several
> others sending all logs to the port the syslog-ng is listening on on the
> loghost..I was wondering..is it possible to use stunnel somehow to secure
> the log packets travelling the hostile internet to the loghost?
> It would mean that there have to be more tunnels from different hosts
> towards de one logging...
> Running out of knowledge and before wasting valuable time, i would like to know if there are people who have set up a secure logging facility in the
> past for syslog-ng?
> 
> Dennis,
>