Centos 5.x
I'd like to have my syslog traffic use TCP instead of UDP.
Does the stock syslog daemon for CentOS support this? If so, where would I set that option?
-M
Asked
Active
Viewed 2.4k times
2 Answers
3
It may be worthwhile to take a look at syslog-ng which does support TCP (and is a better solution overall).
Tyler K
- 256
- 1
- 6
-
Thanks. Yea from what I could find out online, the stock syslogd just doesn't support it period. How does rsyslog compare to syslog-ng? – Mike B Aug 06 '10 at 22:46
-
I prefer rsyslogd, and there's a comparisson on rsyslogd site: http://www.rsyslog.com/doc/rsyslog_ng_comparison.html – coredump Aug 10 '10 at 19:10
3
I believe tht the stock syslog daemon on Centos5 does not support this. Also note that port 514/tcp was reserved for 'shell' access, but I think that is deprecated going forward.
Check out rsyslog, which has become the default syslog daemon in Ubuntu and RedHat 6 beta (and Centos 6). It can read your existing syslog.conf without any changes, and can also be extended quiet a bit. It also supports syslog over tcp.
I found that syslog-ng is better documented and has more community examples. However, the syntax for rsyslog.conf is more similar to the syntax of syslog.conf . If you use syslog-ng, then feel free to stick with syslog-ng. If you have some existing syslog.conf's, then check out rsyslog.
On my Ubuntu system, I dropped in my old syslog.conf into /etc/rsyslog.d/50-default.conf and it worked right away. Later, I was able to add several of my own features, such as storing remote syslogs at /var/log/syslogs/$REMOTE_HOST/$FACILITY.log.
Update 20110524:
For more information on this, see https://www.rfc-editor.org/rfc/rfc5426 , which specifically recommends syslog over TLS.
Stefan Lasiewski
- 22,949
- 38
- 129
- 184