[sudo-users] Centralized SUDO I/O Logs
Leroy Tennison
leroy at datavoiceint.com
Mon Jul 17 07:33:48 MDT 2017
I asked this question some time back and the issue is that rsyslog isn't designed to handle a tree structure like sudo_io. We ended up doing rsync, another option is to tar and transmit that. The only other free option I know of is a remotely mounted file system such as NFS, Samba, OpenAFS, sshfs, etc. but they come with the typical network considerations. A nice feature of sudo is that it apparently records the system name as well, we rsynced the logs of a number of systems to a single centralized system and, when playing the logs back on that system, the system from which they came was correctly reported. There is a commercial offering which has its strengths and, from what I've heard, weaknesses as well. Recently an alternative project (Scribery) was mentioned but it's still beta with production planned for early next year and it has some considerations as well.
----- Original Message -----
From: "Asif Iqubal" <asif5241 at gmail.com>
To: "sudo-users" <sudo-users at sudo.ws>
Sent: Monday, July 17, 2017 7:18:09 AM
Subject: [sudo-users] Centralized SUDO I/O Logs
Hi Everyone,
Is there a way to replicate sudo i/o logs to a centralized log server? I
could not find that feature in sudo. Does anybody has a working solution?
Thanks & Regards,
Asif
____________________________________________________________
sudo-users mailing list <sudo-users at sudo.ws>
For list information, options, or to unsubscribe, visit:
https://www.sudo.ws/mailman/listinfo/sudo-users
More information about the sudo-users
mailing list