[syslog-ng] connecting to syslog-ng
Matt Zagrabelny
mzagrabe at d.umn.edu
Fri Sep 22 16:01:27 CEST 2006
On Fri, 2006-09-22 at 15:42 +0200, Torsten Curdt wrote:
> > > Is there a way to connect to a syslog-ng on a machine via a client to
> > > receive the events? ...as opposed to just having the syslog-ng pushing
> > > the event to another machine all the time.
> >
> > is there a persistent network connection between these two computers?
>
> Yes!
>
> > > Basically I want only to connect to those machines running syslog-ng
> > > in certain situations. Like
> > >
> > > ssh root at machine tail -f /var/log/messages
> > >
> > > ...without the need for a ssh account
> >
> > what do you think are the advantages are to avoiding ssh?
>
> Deployment and security related. Just no option to give ssh access to
> dozens of developers just to read the logs. Those machines are as
> locked up as possible.
how are you going to provide access control to the logs from the client
machines. to my knowledge, syslog-ng doesnt provide any access control
mechanisms, at least the kind you are talking about.
you can restrict the commands being run with ssh keys. this might be an
adequate solution for you.
--
Matt Zagrabelny - mzagrabe at d.umn.edu - (218) 726 8844
University of Minnesota Duluth
Information Technology Systems & Services
PGP key 1024D/84E22DA2 2005-11-07
Fingerprint: 78F9 18B3 EF58 56F5 FC85 C5CA 53E7 887F 84E2 2DA2
He is not a fool who gives up what he cannot keep to gain what he cannot
lose.
-Jim Elliot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20060922/14843805/attachment.pgp
More information about the syslog-ng
mailing list