sslogger-slogd man page

slogd — remote log collection server for sslogger

Synopsis

slog -d

Description

slogd is a log collection daemon for sslogger. It provides a method log remote sslogger sessions to a central log server over a secure TLS channel. New connections are logged to /var/log/slog/slogd, and the session to /var/log/slog/<month-dir>/slogd-<server>-<user>-<date>.log

The default configurations use anonymous authentication by default. Security can be tightened by switching to authentication mode to x509 certs in the configuration file. This will require creating signed certificates, and pushing to all clients. A example script to generate certificates is includes in the source package. See mkSlogCerts.

The sreplay command can be used to sreplay recorded sessions

Options

slogd accepts the following command line options:

-d
Fork process off and run as daemon
-p
Pidfile
-d

Debug -v Verbose debug level [1-9]

Configuration file

/etc/sslogger.d/sslogger-slogd.conf

slogd Configuration file

/var/log/slog

Default directory in which sessions are logged

Configuration Files

Sample entry for /etc/sslogger.d/sslogger-slogd.conf

#Config file for slogd

#Listen IP (Not implemented yet, currently defaults to all interfaces)
#listen=0.0.0.0

#Service Port port=5556

#Debug level <1-9>
debug=0

#PID file
pid_file=/var/run/sslogger/sslogger-slogd.pid

#Certificate Authority File
ca_file=/etc/pki/slog/CA/cacert.pem

#Server key
key_file=/etc/pki/slog/private/serverkey.pem

#Server Cert
cert_file=/etc/pki/slog/servercert.pem

# Certificate Revocation List
# if set, it must be signed by the CA
#crl_file=

# Of the three modes below, only one can be enable at a time
#
# set to 1 to use tls x509 certs for authentication ,br use_tls_cert=0
# set to 1 to use anon auth
use_tls_anon=1

#set to 1 to use tls x509 pks
use_tls_pks=0

# When use_tls_cert=1(true), verify the client certs were signed with same CA as slogd_server
tls_verify_certificate=1

# Verify clients certificate hostname matches client's FQDN (Not implemented yet)
#tls_no_verify_host=0

Examples

slogd -d -p /var/run/sslogger/sslogger-slogd.pid
- Runs slogd as a daemon

Bugs

If you feel you have found a bug in sslogger, please submit a bug report at http://sslogger.sourceforge.net

Support

Limited free support is available via the sslogger-users mailing list, see http://sslogger.sourceforge.net to subscribe or search the archives.

Author

Edward Brand <ebrand@fedoraproject.org>

See Also

sslogger.conf(5) sslogger(8) slog(8) sreplay(8) sudo(8), sudoers(8), su(2)

Referenced By

sslogger.conf(5).

January 2010 Linux User Manuals