Jump to content

Feature request: buffering of syslog output


Buckit

Recommended Posts

Hi guys,

 

I'm very happy that Passwordstate offers external log forwarding! This allows us to send our audit logs into a syslog box that cannot be tampered with.

 

Today we discovered that Passwordstate does not buffer messages if the syslog target goes down. Funnily enough it does buffer all the logs if you've never configured Syslog before, thus barfing thousands of entries into the newly minted target. But if you've already configured Syslog and the box goes down, then you'll never receive any of the logs between the down and up of the host.

 

Would you please consider adding buffering to the external Syslog connection? Don't rely on UDP, make it TCP with connection-testing. And if the connection fails, mark the moment where you'll need to start buffering.

 

Cheers,

 

 

Thomas

Link to comment
Share on other sites

52 minutes ago, support said:

It shouldn't be too hard hopefully. We might need to put in an option for this, as possibly some customers are using Syslog servers which doesn't support TCP.

 

Regards

Click Studios

Yup! Definitely make it selectable. As I said, in some cases we'll even see TLS-encrypted syslog, which you certainly won't find everywhere. Then again, with audit logging like this? Maybe it'd pay off to make it an option because the logs contain a treasuretrove of useful info.

Link to comment
Share on other sites

  • 2 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...