Hi folks, I have stumbled over a difficult question.
In a developed security environment where you run several network zones with the most important data/servers in the inner zones and "outside contact servers" like web proxies in the outer zone - in such an environment a central syslog server should be positioned somewhere in the inner zones, but the servers in the outer zones must not be allowed to push messages into the inner zones - these messages have to be fetched by the central servers from the outside zones' servers. As far as I understand it, the syslogds implement a push model for remote logging, and I never heard of a syslogd pull model, but there clearly is the need for one. Has anyone out there already thought about this and what did you do? Any ideas from those who didn't? Thanks for any hint or help. Dirk _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
