[syslog-ng] Convert syslog to traps
Martin Holste
mcholste at gmail.com
Thu Dec 9 20:05:26 CET 2010
I think program() is the best bet for you. I haven't had anything like that
happen when using program(). What version of syslog-ng are you using? I
don't think syslog-ng is sending newlines, but your script may be
interpreting "silence" from syslog-ng as nothing and appending a newline or
something. If you post a snippet from your script showing how it's reading
from syslog-ng, that would help. It would also help to see the config
relevant to the program() destination.
On Thu, Dec 9, 2010 at 12:27 PM, Jay <difficult_id at yahoo.com> wrote:
> Have a requirement to convert all incoming syslogs to SNMP traps and send
> it to another host. One option I could think of is to use program ()
> destination.
>
> When I tried this option, I find that syslog-ng is continuously sending
> newline characters to the specified program. i.e. even when no syslog is
> received, syslog-ng seems to be pumping newline chars to the specified
> program.
>
> Also I read the warning message in admin guide that, it will open up the
> door to DOS attack.
>
> Could someone let me know the best way to achieve this, please ?
>
> Thanks in advance for the help.
> John
>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20101209/0dd12358/attachment.htm
More information about the syslog-ng
mailing list