From the course: Protecting Your Network with Open Source Software
Log forwarding: Part 2
- [Instructor] Let's install syslog-ng on our Ubuntu router. Type sudo apt-get install syslog-ng, press ENTER. Type Y and press ENTER. Let's check if our syslog-ng service is up and running: type systemctl status syslog-ng, press ENTER. It's active. Press Q to exit. The syslog-ng service is running on our Ubuntu router, which is the same host where Snort is installed. We'll forward Snort log messages through the syslog-ng log service, then we'll forward the same log messages to a centralized log server. The centralized log server solution we'll be using is Kiwi. Let's go to the syslog-ng configuration file by typing cd /etc/syslog-ng/, press ENTER. Type ls, press ENTER, and you can see that syslog-ng.conf file here. Type sudo nano syslog-ng.conf, press ENTER. Let's do a search and look for the term destination: press CTRL+W together, type destination, press ENTER. We'll create our own destination here…