bsdtalk138 - Central Syslog

Published: Jan. 23, 2008, 9:13 p.m.

News:
DesktopBSD 1.6 and FreeBSD 6.3 released.

Setting up a central syslog server.

  • If you are concerned about the security of your logs, use a dedicated machine and lock it down. A compromised client can only rewrite its own local copy of the logs, not the copy on the loghost.
  • Keep clocks in sync (run ntpd on the loghost and on every client). BSD syslog timestamps carry neither a year nor a time zone, so correlating events across hosts depends on the senders' clocks agreeing.
  • You may need to change the log rotation schedule in /etc/newsyslog.conf. You can rotate based on size and/or time. A central host receives far more than a single machine does, so this is as much a policy decision (how long logs must be kept) as a hardware decision (how much disk you have).
  • On the central log host, change the syslogd flags so it listens on the network. Each BSD does this differently, so check the man pages: on FreeBSD the default syslogd_flags="-s" in /etc/rc.conf refuses remote messages, and -a allowed_peer names the hosts or networks that may send; OpenBSD needs -u before it accepts UDP input. Also check out FreeBSD's -n flag for busy environments; it disables the reverse DNS lookup syslogd otherwise does for each incoming message.
  • Make sure the host firewall allows syslog traffic (UDP port 514) through.
  • Be careful to limit syslog traffic to just the trusted network or hosts, both in the firewall and in syslogd's own allowed-peer flags. Plain syslog is unauthenticated UDP: anyone who can reach port 514 can fill the disk with bogus messages, which is why the FreeBSD man page refers to syslogd as a "remote disk filling service".
  • For heavy logging environments, it is important to have a dedicated network. A down syslog server can create a lot of "ARP who-has" broadcasts, because every client keeps sending datagrams to an address that no longer answers.
  • Most network devices such as printers and commercial firewalls support sending to a central syslog server. Take a look at "Snare" for Windows hosts.
  • To send messages from a Unix host, in /etc/syslog.conf specify the loghost name prefixed with @ in place of a file name in the action column. For example, change /var/log/xferlog to @loghost.mydomain.biz. You can also copy the line and edit the copy so the messages go both to the local file and to the remote host; keep the local copy, since UDP forwarding gives no delivery guarantee if the loghost or the network is down.

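As an added illustration of what the loghost is doing once those steps are in place (example code written for these notes, not code from the episode or from any BSD's syslogd): a small Python model of a central syslog receiver. It enforces a trusted-peer list in the role of syslogd's -a allowed_peer flag and the firewall rule, parses the BSD syslog datagram that a client's @loghost rule puts on UDP/514, records the sender by IP with no reverse lookup (what -n avoids), and stamps each record with the loghost's own arrival time, since the BSD timestamp has no year or zone. The 192.0.2.0/24 network, the ftp1 host name and the ftpd messages are constructed for the example.

```python
"""Model of a central syslog receiver (constructed example, not FreeBSD syslogd)."""
import ipaddress
import re
import socket
import time

# Role of syslogd's "-a allowed_peer": only these networks may log here.
# 192.0.2.0/24 is an assumption for the example, not a network from the notes.
TRUSTED_PEERS = [ipaddress.ip_network("192.0.2.0/24")]

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = {0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth", 5: "syslog",
              6: "lpr", 7: "news", 8: "uucp", 9: "cron", 10: "authpriv", 11: "ftp"}
FACILITIES.update({16 + i: "local%d" % i for i in range(8)})
MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"]

# Classic BSD syslog line as syslogd forwards it: <PRI>Mmm dd hh:mm:ss host message
_BSD_LINE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?:(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?P<host>\S+) )?"
    r"(?P<msg>.*)$", re.S)


def peer_allowed(peer_ip, trusted=TRUSTED_PEERS):
    """True if peer_ip falls inside one of the trusted networks."""
    addr = ipaddress.ip_address(peer_ip)
    return any(addr in net for net in trusted)


def parse_bsd_syslog(datagram):
    """Split one datagram into facility, severity, timestamp, host and message.

    Like syslogd, a message with no usable <PRI> prefix is treated as user.notice,
    and a message with no header gets timestamp/host None for the receiver to fill.
    """
    text = datagram.decode("ascii", errors="replace").rstrip("\r\n\x00")
    m = _BSD_LINE.match(text)
    if m is None or int(m.group("pri")) > 191:      # 23 facilities * 8 + 7
        pri, ts, host, msg = 13, None, None, text   # 13 == user.notice
    else:
        pri = int(m.group("pri"))
        ts, host, msg = m.group("ts"), m.group("host"), m.group("msg")
    return {"facility": FACILITIES.get(pri >> 3, "facility%d" % (pri >> 3)),
            "severity": SEVERITIES[pri & 7], "timestamp": ts, "host": host, "msg": msg}


def ingest(datagram, peer_ip, trusted=TRUSTED_PEERS, received_at=None):
    """Apply the loghost policy to one datagram; return a record, or None if dropped.

    received_at is the loghost's own clock; the BSD timestamp carries no year or
    zone, so arrival time is what cross-host correlation leans on (keep clocks synced).
    """
    if not peer_allowed(peer_ip, trusted):
        return None                       # the "remote disk filling service" guard
    rec = parse_bsd_syslog(datagram)
    rec["peer"] = peer_ip                 # stored as an address: no reverse DNS (-n)
    rec["received_at"] = time.time() if received_at is None else received_at
    if rec["host"] is None:
        rec["host"] = peer_ip
    return rec


def build_bsd_syslog(facility, severity, host, msg, when):
    """Encode a message the way a client's @loghost rule puts it on the wire."""
    tm = time.gmtime(when)
    stamp = "%s %2d %02d:%02d:%02d" % (MONTHS[tm.tm_mon - 1], tm.tm_mday,
                                       tm.tm_hour, tm.tm_min, tm.tm_sec)
    return ("<%d>%s %s %s" % (facility * 8 + severity, stamp, host, msg)).encode(
        "ascii", "replace")


def serve(bind_addr="0.0.0.0", port=514, trusted=TRUSTED_PEERS):
    """Receive loop for interactive use (binding 514 needs root)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_addr, port))
    while True:
        data, (peer, _) = sock.recvfrom(8192)
        rec = ingest(data, peer, trusted)
        if rec is not None:
            print("%(received_at).0f %(host)s %(facility)s.%(severity)s %(msg)s" % rec)


if __name__ == "__main__":
    serve()
```

Running it as root on a test box and pointing a client's `ftp.info @loghost` rule at it shows the datagrams arriving; a sender outside 192.0.2.0/24 is silently discarded, which is the same behaviour syslogd's -a list gives you, and the reason the firewall rule and the syslogd flags should agree about who is trusted.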
File Info: 7Min, 3MB

Ogg Link:
https://archive.org/download/bsdtalk138/bsdtalk138.ogg