Skip to Main Content
Linux Server Hacks, Volume Two
book

Linux Server Hacks, Volume Two

by William von Hagen, Brian K. Jones
December 2005
Beginner content levelBeginner
480 pages
13h 27m
English
O'Reilly Media, Inc.
Content preview from Linux Server Hacks, Volume Two

Hack #87. Centralize System Logs Securely

Protect your valuable logfiles from prying eyes

In "Fine-Tune the syslog Daemon" [Hack #86] , we discussed configuration of the syslog daemon. As useful and even necessary as this logging service is, though, it's beginning to show its age. In response to that, a company name BalaBit has devoted both time and resources to bringing us the next generation of syslog, syslog-ng, which addresses many of the problems that plague the original. Improvements include using TCP instead of UDP to communicate with remote log hosts and a much more configurable interface to your system's logging capabilities. From a security standpoint, the implementation of TCP is a great advancement—that allows us to use additional applications such as stunnel to create encrypted tunnels to protect the contents of logfiles as they are sent to the central log host. In this hack, we examine such a deployment.

Getting Started

To implement encrypted remote logging, you'll need to download and compile three programs. Let's start with stunnel. Grab the latest instance of the source code from http://www.stunnel.org/download/source.html. Once you've got the tarball, unpack it and navigate to your newly created directory. You can now follow the typical installation procedure:

	$ ./configure
	$ make
	# make install

You'll now need to grab the source for syslog-ng and libol, a library required by syslog-ng. You can download each of these from http://www.balabit.com/downloads/syslog-ng/ ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Linux Server Hacks

Linux Server Hacks

Rob Flickenger
Mastering CentOS 7 Linux Server

Mastering CentOS 7 Linux Server

Mohamed Alibi, BHASKARJYOTI ROY

Publisher Resources

ISBN: 0596100825Errata Page