[syslog-ng] [Syslog-ng] Log particular actions and send specific files to a remote server

Fabien Wernli wernli at in2p3.fr
Tue Jul 26 14:05:18 CEST 2016


Hi,

On Tue, Jul 26, 2016 at 01:25:08PM +0200, Savakh S wrote:
> 2 - Is it possible to log in real time a change occured a network interface
> ? For example a new open port. More generally, how can we log actions
> naturally not covered by syslog-ng in order to send to a remote server?

syslog-ng's scope is to handle events, not generate them (except for
`internal()`).
If you want to achieve what you're describing, the course of action would be
to find a tool that lets you monitor the network, and then use a `syslog()` call
to generate an event. syslog-ng will then be able to take action (in "real
time") e.g. send it to nagios, or by email.



More information about the syslog-ng mailing list