[syslog-ng] Properly forwarding syslog messages

Tusa Viktor tusavik at gmail.com
Mon Jul 7 21:39:12 CEST 2014


Hi James!

Check out the source from https://github.com/balabit/syslog-ng, enter the
source directory,
and use the following command:
./autogen.sh && ./configure --enable-spoof-source && make && sudo make
install.

You should have the libnet dev package on your system to be able to compile
with enable spoof-source,
it is called libnet1-dev on my Ubuntu.

Hope I could help,
Viktor


On Mon, Jul 7, 2014 at 7:56 PM, James Lay <jlay at slave-tothe-box.net> wrote:

> On 2014-06-27 12:29, James Lay wrote:
> > Hey all,
> >
> > So I've looked around and I'm just not sure what the best method is
> > for
> > forwarding syslog messages.  I have a current setup that is working
> > well.  I'd like to try and get all the messages forward to another
> > machine using standard udp 514.  I'd like the messages to appear as
> > if
> > they are coming from the originating machine, not the syslog server.
> > I
> > did see a couple sites that say I have to compile with spoofing.  Can
> > anyone point me to some resources to do this?  Thank you.
> >
> > James
>
> No takers on this?
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20140707/983d81d7/attachment.htm 


More information about the syslog-ng mailing list