bgiles at coyotesong.com
Tue Sep 22 13:56:33 MDT 2015
It depends on your goals. syslog is an easy way to log critical
information to a remote system. A classic example is auth.log since one of
the first things a knowledgeable attack will do is erase the evidence of
his presence in the log files.
On the other hand it would be a nightmare for something like apache or an
appserver since they can easily log GB of data per day. Maybe it could
handle it but I think there are better approaches.
On Tue, Sep 22, 2015 at 1:23 PM, Glenn English <ghe at slsware.net> wrote:
> On Sep 22, 2015, at 1:03 PM, Chris Riddoch <riddochc at gmail.com> wrote:
> > I don't ask this out of defensiveness, I feel I must simply be unaware
> > of what the limitations of syslog are. So I ask: what *is* wrong with
> > syslog?
> Nothing, as best I can tell. I'm on my way from Linux to FreeBSD. They
> talk funny in /dev, but they're amazingly helpful. And the OS, so far,
> seems to be somewhat unix-conservative. As a BSD system, that is.
> Glenn English
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the LUG