[syslog-ng] Properly forwarding syslog messages

James Lay jlay at slave-tothe-box.net
Mon Jul 7 22:37:35 CEST 2014


On 2014-07-07 13:39, Tusa Viktor wrote:
> Hi James!
>
> Check out the source from https://github.com/balabit/syslog-ng [4],
> enter the source directory,
> and use the following command:
>  ./autogen.sh && ./configure --enable-spoof-source && make && sudo
> make install.
>
> You should have the libnet dev package on your system to be able to
> compile with enable spoof-source,
>  it is called libnet1-dev on my Ubuntu.
>
> Hope I could help,
> Viktor
>
> On Mon, Jul 7, 2014 at 7:56 PM, James Lay <jlay at slave-tothe-box.net
> [5]> wrote:
>
>> On 2014-06-27 12:29, James Lay wrote:
>> > Hey all,
>> >
>> > So Ive looked around and Im just not sure what the best method is
>> > for
>> > forwarding syslog messages.  I have a current setup that is
>> working
>> > well.  Id like to try and get all the messages forward to
>> another
>> > machine using standard udp 514.  Id like the messages to appear
>> as
>> > if
>> > they are coming from the originating machine, not the syslog
>> server.
>> > I
>> > did see a couple sites that say I have to compile with spoofing.
>>  Can
>> > anyone point me to some resources to do this?  Thank you.
>> >
>> > James

Thanks Viktor that does help...I'll give this a go.

James



More information about the syslog-ng mailing list