On Tue, Feb 20, 2001 at 09:00:59AM -0800, Mike Noyes wrote:
Yes, I missed the word "pull".
But... ;)
Using syslog's remote logging requires no disk space.
This is very important for me. I'm using read-only 8 mb flash disks for
root fs and a small (100-500kb) ramdisk for temporary/pid files.
> >On Tue, Feb 20, 2001 at 08:42:03AM -0800, Mike Noyes wrote:
> >
> >Who will install perl on router/firewall? I will not.
>
> Sergey,
> The only thing installed on the router/firewall is sshd. This is a pull
> solution not a push.
>
> Secure Logging Over a Network
> http://interactive.linuxjournal.com/Magazines/LJ74/3913.html
>
> >The same functions may be implemented in shell.
> >In my environment I used encrypted tunnels and ftp to store logs.
> >Now I'm using remote logging facility of syslog(ng). It is more flexible
> >and doesn't require disk/ramdisk space to store logs localy.
> >You can also select facilities to log or log all messages (requires more
> >bandwidth).
>
> Do you have an example for us?
>
> > > Everyone,
> > > I noticed the logging thread on linux-router, and I remembered this
> > > article in Linux Journal. Is this an acceptable solution?
> > >
> > >
> > > Linux Journal June 2000 Issue 74 p.204
> > > ********************** Perl Script for Pull Logging **********************
> > > #!/usr/bin/perl
> > > $host="monitored.one"; # host to log to
> > > # (machine to monitor)
> > > $file="var/log/imp-logs"; # logging file on
> > > # remote machine
> > > $login="wallace"; # login name on remote machine
> > > $ssh_opts="-q -C -o 'FallBackToRsh=no'";
> > > # options to ssh
> > > #$ssh_opts="-q +C"; # better for ssh2
> > > $cmd="tail --follow=name --retry"; # the tail command executed
> > > #$cmd="tail --follow"; # this could be
> > > # used with old tails
> > > $local_log="pulllog-log"; # local log for
> > > # failures
> > > sub open_remote { # open the connection
> > > open(SSH,"|ssh $ssh_opts -l $login $host
> > > ".'"'."$cmd $file".'"');"
> > > select(SSH);
> > > $|=1; # make it unbuffered
> > > }
> > > if ($local_log) { # if local logging enabled
> > > open(LOG,">>$local_log"); # open log file
> > > select(LOG);
> > > $|+1;
> > > }
> > > select STDOUT;
> > > $SIG{'PIPE'}='IGNORE';
> > > open_remote(); # try to establish the connection
> > > while (1) {
> > > while (<SSH>) {
> > > print STDOUT; # print on our side
> > > }
> > > print LOG "remote end was dead at " .
> > > `date` if ($local_log);
> > > close(SSH); # if error occured
> > > open_remote(); # try to open connection again
> > > }
> > >
> > > --
> > > Mike Noyes <[EMAIL PROTECTED]>
> > > http://leaf.sourceforge.net/
> > >
> > >
> > > _______________________________________________
> > > Leaf-devel mailing list
> > > [EMAIL PROTECTED]
> > > http://lists.sourceforge.net/lists/listinfo/leaf-devel
> >
> >--
> >Best regards,
> >Sergey Kozhedub
> >
> >_______________________________________________
> >Leaf-devel mailing list
> >[EMAIL PROTECTED]
> >http://lists.sourceforge.net/lists/listinfo/leaf-devel
>
> --
> Mike Noyes <[EMAIL PROTECTED]>
> http://leaf.sourceforge.net/
>
>
> _______________________________________________
> Leaf-devel mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/leaf-devel
--
Best regards,
Sergey Kozhedub
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
