On 05/27/2013 08:38 PM, Aly Khimji wrote: > Hey Guys, > Hello Aly,
You are touching on the areas that are dear to our interests too. Unfortunately we have not had time to do the research. What you are asking about should be possible but have not been tried by us, at least we are not aware. Here are some thoughts: 1. It should be possible to configure rsyslog to process logs emitted by other applications (389, Dogtag, MIT KDC, httpd etc.). You need to research the documentation on how to do it by Rainer (farther of rsyslog) assured that it is possible. 2. Issue (or use exiting) kerberos principal for the GSS API to secure rsyslog to rsyslog communication. I know of one deployment that planned to do it but I do not know the results. http://www.rsyslog.com/doc/gssapi.html 3. Use GSS proxy to do rsyslog to rsyslog communication so that the tickets acquired and renewed as needed. I think to do this you need to install gss-proxy package and add couple env vars to the rsyslog systemd profile: |GSS_USE_PROXY=1 GSSPROXY_BEHAVIOR=REMOTE_FIRST | ||There is not much documentation about GSS proxy so do not hesitate to ask. https://fedorahosted.org/gss-proxy/ (Honza, Gunther, please add any other pointers) || 4. Use logstash with grok and elastic search at the end point to process the logs and provide a nice correlation tool. http://logstash.net/ 5. Come back with your findings :-) Thanks Dmitri > Quick question, is it possible to have all components of FreeIPA send > logs to a central log source, or even better to the FreeIPA's local > rsyslogd and then I will have rsyslod send all logs to a central > logging server? > > As per the link, each component logs to a separate location > http://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/server-config.html > > 16.1.3. Checking FreeIPA Server Logs > FreeIPA unifies several different Linux services, so it relies on > those services' native logs for tracking and debugging those > services. The other services (Apache, 389 Directory Server, and Dogtag > Certificate System) all have detailed logs and log levels. > > Just wondering as its for audit purposes and will be sent to a > centeral logger/alerter. > > Thanks > > Aly > > > > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users -- Thank you, Dmitri Pal Sr. Engineering Manager for IdM portfolio Red Hat Inc. ------------------------------- Looking to carve out IT costs? www.redhat.com/carveoutcosts/
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users