rlm_linelog and syslog over UDP

Alexander Clouter alex at digriz.org.uk
Sat Mar 26 12:28:55 CET 2011


Alan DeKok <aland at deployingradius.com> wrote:
>
>> are there any plans to add logging to *remote* syslog servers to the
>> rlm_linelog module? Would be kinda cute; we want to log authentication
>> results to a central statistics collection host - and going through
>> re-send on the local syslog instance is a superfluous extra step.
> 
>  I see what you mean, but that involves writing a module which opens a
> UDP socket to a remote syslog server, and then creates syslog-formatted
> messages.  That's probably not hard (~500 lines?), but not a priority
> right now.
>
I am unsure why something like syslog-ng could not just be installed and 
do the syslog'ing instead today?  You can either use the file/pipe 
source drivers to do whats needed.
 
>  RFC 5424 also says that TCP/TLS should be preferred to UDP for sending
> to remote machines.
>
...queuing, message drop,tail/head drop, it's not trivial.

Cheers

-- 
Alexander Clouter
.sigmonster says: Better late than never.
                  		-- Titus Livius (Livy)




More information about the Freeradius-Users mailing list