SoC: Improve syslogd

To: tech-userlevel%netbsd.org@localhost
Subject: SoC: Improve syslogd
From: Martin Schütte <lists%mschuette.name@localhost>
Date: Wed, 26 Mar 2008 15:29:24 +0100

Hello,

I am preparing a Summer of Code application and would like to introducemy project and myself, hoping for some feedback and advice.

I want to implement the upcoming IETF standards for Syslog(http://tools.ietf.org/wg/syslog/). In order of priority:syslog-transport-tls, syslog-protocol, and syslog-sign.

- transport-tls defines the network protocol to send syslog over TLS(instead of UDP), thus providing a reliable and authenticated transport.In addition to reliable network transport I also consider a modifiedlocal log submission (from syslog(3) to syslogd) to use a stream insteadof a datagram socket, thus providing reliable submission and possiblerate limits.

- syslog-protocol defines a new layout for syslog lines; the mostimportant additions are full timestamps (with year and timezone) andstructured data with name=value pairs. This enables all programs todeclare semantic content (uid, client IP, return codes, etc) so anautomatic log-monitoring only has to know the used namespace instead ofall possible messages.

- syslog-sign defines signature messages for authentication, integrityand correct sequencing of syslog messages. (For this part I am going tobuild upon the afaik only existing implementation by Albert Mietus.)


To my knowledge that would be one of the first implementations of these

protocols (which hopefully will be published as RFCs this summer). Itwill provide NetBSD (and probably the other BSDs as well) with anadvanced, reliable, and secure syslogd, saving admins the time andeffort to install packages and set up custom logging solutions just toget secure transport to their central logserver.

A little about myself: I study computer science at the University ofPotsdam, Germany. Beside my studies I administer some FreeBSD serversand have already set up a logging infrastructure using syslog-ng andstunnel, resulting in a talk about Logging at the Chemnitzer Linuxtage2007 (german only).


Regards,
Martin

Follow-Ups:
- Re: SoC: Improve syslogd
  - From: Martin Schütte
- Re: SoC: Improve syslogd
  - From: Hubert Feyrer

Prev by Date: [SoC '08] Converting Regression Tests to ATF
Next by Date: obsoleting shlibs - what's the plan
Previous by Thread: [SoC '08] Converting Regression Tests to ATF
Next by Thread: Re: SoC: Improve syslogd
Indexes:

Home | Main Index | Thread Index | Old Index