General discussion

Locked

Implement a central logging server

By debate ·
Do you currently run a logging server? What steps have you taken to secure this vital traffic? Share your comments about running a logging server, as discussed in the Oct. 31 Security Solutions e-newsletter.

Check out these additional resources:

* Secure remote log servers using SCP
http://www.securityfocus.com/infocus/1394

* Complete reference guide to creating a remote log server
http://www.linuxsecurity.com/feature_stories/remote_logserver-1.html

(Please remove any extra spaces from the URLs when copying and pasting into a browser.)

If you haven't subscribed to our free Security Solutions e-newsletter, sign up today!
http://nl.com.com/acct_mgmt.jsp?brand=techrepublic

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Which syslog server?

by Vedran In reply to Implement a central loggi ...

Standard syslogd does not have filtering capabilities in the sense to create separate log file for each source IP address of the device sending syslog messages.
We currently use syslog-ng, but it is unnecessary complicated to configure, as you have to edit three parts of configuration file for one device.
Do you suggest another daemon which would satisfy these needs?

Collapse -

Nice article

by deyev In reply to Implement a central loggi ...

I used Linux RH box as Syslog Server& TimeServer to handle the traffic from Cisco PIX Firewall. It helps me to know where that traffic is coming from.

Thank author for useful links.

Back to Security Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums