HPE Community
Operating System - HP-UX
1834476 Members
2909 Online
110067 Solutions
New Discussion

using TCP with syslogd?

 
SOLVED
Go to solution
Chris Hulihan
Advisor

‎02-26-2004 05:50 AM

‎02-26-2004 05:50 AM

using TCP with syslogd?

This is my first time asking a question (have been lurking and posting answers for a few months now)

I am looking to configure multiple syslogd daemons to write to remote hosts, but we'd like to use TCP instead of the default UDP. I looked through the syslogd man page and through some web searching. I see from the opposite side /etc/services lists "syslog" being port 514, UDP. Does anyone know what versions of HP-UX (or patches for syslogd) support sylogd sending data over TCP(We only would use this for 11.00 and 11i) and can someone describe how to do this (or point me in the right direction)?

Also, even though I'm very interested in doing this, if it came to anything really extensively tricky and complicated (SSH proxies, VPN tunneling etc.), we'll just stick to UDP since I can't open that can of worms...

Thanks!!!
0 Kudos
Reply
4 REPLIES 4
Chris Hulihan
Advisor

‎02-26-2004 05:56 AM

‎02-26-2004 05:56 AM

Re: using TCP with syslogd?

Also -- installing a completely new syslog application (For example, the SDSC Secure Syslog) would not be a viable option.
0 Kudos
Reply
Sridhar Bhaskarla
Honored Contributor

‎02-26-2004 06:35 AM

‎02-26-2004 06:35 AM

Solution

Re: using TCP with syslogd?

Hi Chris,

I don't know how you can do it after you said you didn't want additional syslog code put it. I am not aware of any way making it to use tcp like NFS as per our choice.

Running syslogd in tcp mode means, making it to "listen" at the port 514 and handle the error recovery and flow-control which needs the code to be modified. Moreover there is already a TCP service that runs at port 514 which is R-commands' shell. So, you will need to modify it to listen at a different port if at all you can run it over TCP which adds another dimension to the problem.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
Reply
Chris Hulihan
Advisor

‎02-26-2004 07:34 AM

‎02-26-2004 07:34 AM

Re: using TCP with syslogd?

Thanks for the post.
I should have added previously that this is a situation that we'd really like to configure this for TCP (for security reasons), but if the option is not there, we'll have to use UDP.

Per the syslogd man page (11i, 11.00) you can send data to remote servers by entering a + in the /etc/syslog.conf file. I understand that this attaches to port 514/UDP to send the data. The vendor has asked us if we have the ability to configure this to work over TCP, but all of my research is telling me that this cannot be done without installing a third-party syslog (or having the ability to recompile
the source)...

Thanks!
0 Kudos
Reply
Chris Hulihan
Advisor

‎02-27-2004 03:42 AM

‎02-27-2004 03:42 AM

Re: using TCP with syslogd?

I'll close the loop by answering my own question from all of the information I pored over. This can only be done with an additional syslog package, such as open source syslog-ng.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.