0

I've been looking to implement sending log data to a remote Syslog host from my Windows service, so far the only decent library based option I have found is the UDP remote Syslog sender in the POCO net library. I'm interested in Syslog with TLS as described in RFC 5425, which the POCO library doesn't currently support.

My question is twofold, firstly have I missed an existing implementation of Syslog for Windows that supports sending to a remote host via TCP/TLS? Secondly, if no such implementation exists, I was looking to write my own (or perhaps extend the POCO one) - it doesn't look much more complicated than establishing a secure TLS session and putting Syslog formatted text strings into a TCP socket, I would use something like the .NET TLS implementation previously discussed here for the TLS part. Have I missed something, is this not that simple? Or is the reason that I can't find any libraries that implement this sort of Syslog communication for Windows that nobody wants to do this? Am I missing the brilliant alternative to Syslog that every other Windows dev is using?

Thanks in advance.

Community
  • 1
  • 1
Earl Sven
  • 251
  • 4
  • 14

2 Answers2

1

The only packaged solution I've come across for this is from Balabit. It seems to be the only thing out there that supports TLS and RFC5425. If anyone else has come across another solution, I'd like to hear about it as well.

Tom Damon
  • 658
  • 5
  • 10
  • Thanks, I had seen that solution but discounted it as I was under the impression the best it could offer me was scraping the Windows event log, I was looking to integrate something a bit more tightly with my service. If I've missed something though and there's a library-like functionality I haven't spotted on their website please point me in the right direction! – Earl Sven May 10 '13 at 07:29
0

Nxlog can do TLS/RFC5425 and is open source. (disclaimer: I'm the author)

While it's not a library, it has several input modules to make integration easier.

b0ti
  • 2,319
  • 1
  • 18
  • 18
  • Looks interesting, which features exactly are GPL vs LGPL? What would be your suggested strategy for integrating Nxlog as it's not a library? – Earl Sven May 16 '13 at 08:33
  • The core is LGPL, modules are GPL. You are free to write your own module if you wish. There are several ways which could be used to read logs produced by your code (im_exec, im_tcp, im_file, etc). – b0ti May 16 '13 at 12:37