|
Home > Archive > Unix administration > October 2004 > Syslog replay script for centralized syslog data
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Syslog replay script for centralized syslog data
|
|
| leroy isaac 2004-10-28, 5:51 pm |
| I have a need to retrieve syslog data from various remote nodes, and
the smallest network link to the remote nodes is 19K. The syslog
traffic for the link cannot exceed 9K.
I plan to setup a configuration which generates new log files every 10
minutes. These files are then compressed, zipped, and transfered to a
centralized
loghost.
The files are then unzipped, uncompressed, and the data is inserted
into the syslog data stream on the central syslog host.
Is there a script or utility which will accomplish this task? If not,
then does any one have any suggestions on products which may
accomplish this same
task.
I could simply concatenate log files on the central syslog server, but
I have a need to actually replay the log data into the network tcp/ucp
connection of syslog.
LeRoy I.
| |
| Michael Heiming 2004-10-28, 5:51 pm |
| In comp.unix.admin leroy isaac <lisaac01@yahoo.com>:
[ SNIP multi-posted question, I tried answering in colm ]
Would be great if you could please stop multi-posting, for
reasons:
http://www.cs.tut.fi/~jkorpela/usenet/xpost.html
--
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | PERL -pe 'y/a-z/n-za-m/'
#bofh excuse 171: NOTICE: alloc: /dev/null: filesystem full
| |
| news@elaan.dds.nl 2004-10-29, 2:48 am |
| leroy isaac <lisaac01@yahoo.com> wrote:
> I have a need to retrieve syslog data from various remote nodes, and
> the smallest network link to the remote nodes is 19K. The syslog
> traffic for the link cannot exceed 9K.
>
> I plan to setup a configuration which generates new log files every 10
> minutes. These files are then compressed, zipped, and transfered to a
> centralized
> loghost.
>
> The files are then unzipped, uncompressed, and the data is inserted
> into the syslog data stream on the central syslog host.
>
> Is there a script or utility which will accomplish this task? If not,
> then does any one have any suggestions on products which may
> accomplish this same
> task.
>
> I could simply concatenate log files on the central syslog server, but
> I have a need to actually replay the log data into the network tcp/ucp
> connection of syslog.
>
> LeRoy I.
I'd modify the syslog sources on both machines (if available) to do the
encryption when sending the information (i.e. without going through a
file, encrypting that, sending that, decrypting and reinserting in syslog
again). Maybe to decrease the encrytion overhead I'd have the sending
syslog wait a configurable amount of time (10 minutes you propose) to
encrypt more events in one go (having more data, with more redundancy
will make the encryption more efficient IMHO).
HTH, Erik.
|
|
|
|
|