Hi I've setup my logging solution but there's one more step that needs to be taken. I'm using SuSE 10 which uses syslog-ng as its logging facility. The problem is syslog-ng uses raw tcp traffica which is not secure at all. Now I really need to encrypt the traffic. I've read about using stunnel to pipe an encrypted traffic from syslog clients to the server. I wanted to know if anyone has a experience in this matter, and if yes should I make any changes to the ossec configuration? And do you possibly know a better way? Just one thing, SuSE 10 is a must in this scenario 'cause its part of the firm's policy and there's absolutely nothing I can do to change it. Thank you all as always. This mailing list has been a great help to me.
Navid
