From the course: Protecting Your Network with Open Source Software
Syslog-ng
- [Instructor] Syslog-ng is a log server and can also be used to forward logs. Syslog is a predecessor of syslog-ng. Ng in syslog-ng stands for next generation. To live up to its name, syslog-ng must be better and faster than syslog. What does syslog-ng do? First of all, it collects logs from various sources. It forwards the logs to another log management system or a database. One of syslog-ng's essential features is filtering. Without it, the number of logs will be too overwhelming to manage. You want to be able to pick and choose the log items relevant to your security goals. Filtering is based on criteria such as facility and log levels. Facility refers to the process that generated a log message on a host. Each facility has a unique ID. The facility code for log messages originating from a mail system process is two while the code for those created by an access control process is four. Therefore you can…
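The facility and level filtering described above, as an added Python example that is not part of the course material and is not syslog-ng's own code. It goes one step beyond the transcript by assuming the standard syslog `<PRI>` header, where the number equals facility code times 8 plus severity; the function names and sample lines are constructed for illustration.

```python
import re

# Facility codes named in the transcript (mail = 2, access control/auth = 4),
# plus a few neighbours from the standard table for readable output.
FACILITIES = {0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth"}
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)

def decode(line):
    """Return (facility_code, severity_code, rest), or None when the
    <PRI> header is missing or out of range."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # 23 * 8 + 7 is the largest valid PRI value
        return None
    return pri // 8, pri % 8, m.group(2)

def select(lines, facility, max_severity):
    """Keep messages from one facility at max_severity or more urgent.
    Lower severity numbers are more urgent (0 = emerg, 7 = debug)."""
    kept = []
    for line in lines:
        decoded = decode(line)
        if decoded is None:
            continue  # unparseable input is dropped, never guessed at
        fac, sev, rest = decoded
        if fac == facility and sev <= max_severity:
            kept.append((FACILITIES.get(fac, str(fac)), SEVERITIES[sev], rest))
    return kept

# Constructed sample lines (not real logs).
SAMPLE = [
    "<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1",    # auth, crit
    "<38>Oct 11 22:14:20 host1 sshd[812]: session opened, user2",  # auth, info
    "<22>Oct 11 22:15:01 host1 postfix/smtpd[900]: connect",       # mail, info
    "<19>Oct 11 22:15:02 host1 postfix/smtp[901]: delivery error", # mail, err
    "no priority header here",
    "<999>out of range priority",
]

if __name__ == "__main__":
    # Security-relevant slice: auth messages at warning or more urgent.
    for fac, sev, rest in select(SAMPLE, facility=4, max_severity=4):
        print(fac, sev, rest)
```
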