[syslog-ng]some questions

Gregor Binder Gregor.Binder@sysfive.com
Mon, 26 Aug 2002 22:04:47 +0200

Msg from Joerg Sommer:


> How dangerous is that? Is the full service locked until the timeout
> occures? Is the ip marked as bad. And when will the "keep_hostname"
> buffer updated?

Relying on another service is always dangerous :) The syslog-ng's we
run don't seem to be threaded, so I guess there is no way they would
not block on DNS lookups? I don't think the IP is marked as bad, since
that could affect logging behaviour in another way you might not desi-
re when DNS goes down. I'm not sure though.

I don't understand the last question, since keep_hostname is somewhat
unrelated to DNS? If you're about to rely on *anything* to feed
information to your audit trails, better make sure it's secure and it
doesn't fail at all. Otherwise, don't. syslog-ng runs beautifully
without anything else, and it's really cheap to implement DNS lookups
in log reporting programs.

> >> * When will encryption and authentication come?
> > 
> > in syslog-ng 2
> ..and when will this released?

Are you seriously asking about a timeline for an open source project?
Probably when somebody writes the functionality, want to volunteer? ;)

As for your complaints about the documentation, have you come across
the FAQ at http://www.campin.net/syslog-ng/faq.html yet?