Creating a Centralized Secure Log Server with syslog-ng and Stunnel
Hi guys, I have the task to install a secure syslog server using syslog-ng and stunnel. The Syslog server is a Solaris 10 and Syslog clients are HP-UX 11.31. I've spent already so many hours and I cannot make it run properly. I know syslog-ng works well without stunnel. I'm pretty sure someone is already using it. I'd like to have step by step installation process. I have no issue if I have to start from scratch. Thanks for your help, Pablo Pablo Szajt
On 2013-07-08 16:34, Szajt, Pablo wrote:
I have the task to install a secure syslog server using syslog-ng and stunnel. The Syslog server is a Solaris 10 and Syslog clients are HP-UX 11.31.
I've spent already so many hours and I cannot make it run properly. I know syslog-ng works well without stunnel.
I'm pretty sure someone is already using it. I'd like to have step by step installation process. I have no issue if I have to start from scratch.
There are several HOWTOs available, e.g.: http://www.linuxhowtos.org/Security/stunnel.htm https://www.linux.com/community/blogs/133-general-linux/9486 although their approach is *not* the best one. The right solution is to setup inetd-mode stunnel configuration files (without any [service sections]), e.g.: client=yes connect=www.server.com:12345 cafile=server.pem verify=4 on the client, and: accept=12345 cert=server.pem key=server.key on the server. Stunnel should then be invoked with the "program()" driver of syslog-ng: http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.3-guide... Mike
participants (2)
-
Michal Trojnara -
Szajt, Pablo