[syslog-ng] pull logs from remote hosts with syslog-ng?

Matt Cuttler mcuttler at bnl.gov
Wed Nov 14 04:23:27 CET 2007

Jon Sabo wrote:
> Is it possible to use syslog-ng to pull logs from a remote host?  If
> you had a network where only inbound sessions were allowed but nothing
> was allowed to initiate a connection back, could you have a central
> syslog-ng server that went out and initiated connections/sessions to
> remote hosts and pulled back logs?
You could run an stunnel daemon on the remote host; from your
centralized syslog-ng collector you would initiate the stunnel
connection to said remote host.

I.e. use the central collector in stunnel client mode, and set up an
stunnel in server mode on the remote host.

The premium/commercial syslog-ng supports TLS/SSL, but I don't know if
you can differentiate between client and server the same way which you
can do with an external tool such as stunnel.

-Matt Cuttler

More information about the syslog-ng mailing list