sslogger-slogd(8) - Linux man page
Name
slogd - remote log collection server for ssloggerSynopsis
slog -dDescription
session to /var/log/slog/<month-dir>/slogd-<server>-<user>-<date>.log
The default configurations use anonymous authentication by default. Security can be tightened by switching to authentication mode to x509 certs in the configuration file. This will require creating signed certificates, and pushing to all clients. A example script to generate certificates is includes in the source package. See mkSlogCerts.
The sreplay command can be used to sreplay recorded sessions
Options
slogd accepts the following command line options:- -d
- Fork process off and run as daemon
- -p
- Pidfile
- -d
- Debug -v Verbose debug level [1-9]
slogd Configuration file/var/log/slog
Default directory in which sessions are logged
Configuration Files
- Sample entry for /etc/sslogger.d/sslogger-slogd.conf
- #Config file for slogd
#Listen IP (Not implemented yet, currently defaults to all interfaces)
#listen=0.0.0.0#Service Port port=5556
#Debug level <1-9>
debug=0#PID file
pid_file=/var/run/sslogger/sslogger-slogd.pid
#Certificate Authority File
ca_file=/etc/pki/slog/CA/cacert.pem
#Server key
key_file=/etc/pki/slog/private/serverkey.pem
#Server Cert
cert_file=/etc/pki/slog/servercert.pem
# Certificate Revocation List
# if set, it must be signed by the CA
#crl_file=# Of the three modes below, only one can be enable at a time
#
# set to 1 to use tls x509 certs for authentication ,br use_tls_cert=0
# set to 1 to use anon auth
use_tls_anon=1#set to 1 to use tls x509 pks
use_tls_pks=0
# When use_tls_cert=1(true), verify the client certs were signed with same CA as slogd_server
tls_verify_certificate=1
# Verify clients certificate hostname matches client's FQDN (Not implemented yet)
#tls_no_verify_host=0
Examples
slogd -d -p /var/run/sslogger/sslogger-slogd.pid- Runs slogd as a daemon