BSD syslogd

Introduction

As part of Google Summer of Code 2008, I will implement the upcoming IETF standards for NetBSD's syslog(3) and syslogd(8):

  •  transport-tls defines the network protocol to send syslog data over TLS (instead of UDP), thus providing a reliable and authenticated transport.
  •  syslog-protocol defines a new layout for syslog lines; the most important additions are full timestamps (with year and timezone) and structured data with name=value pairs. This enables all programs to declare semantic content (uid, client IP, return codes, etc.), making automatic log monitoring (or at least parsing) much easier.
  •  syslog-sign defines signature messages to assert authentication, integrity and correct sequencing of syslog messages.

To my knowledge, that would be one of the first implementations of these protocols. It will provide NetBSD (and hopefully the other BSDs as well) with an advanced, reliable, and secure syslogd, thus saving admins the time and effort of installing custom logging solutions just to get secure transport to their central log server.
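As an added illustration of the syslog-protocol item above (not code from this project), here is a small parser for the new line layout, showing how a log monitor can read the full timestamp and the name=value pairs without guessing. It assumes the layout as later published in RFC 5424; the sample line, the SD-ID auth@32473 and its parameter names are constructed.

```python
import re

# Header fields of a syslog-protocol line, in order (layout assumed per RFC 5424).
HEADER = re.compile(
    r"<(?P<pri>\d{1,3})>(?P<version>\d{1,2}) (?P<timestamp>\S+) "
    r"(?P<hostname>\S+) (?P<app>\S+) (?P<procid>\S+) (?P<msgid>\S+) ")
# One [SD-ID name="value" ...] element; inside a value, " \ and ] must be escaped.
ELEMENT = re.compile(
    r'\[(?P<id>[^ =\]"]+)(?P<params>(?: [^ =\]"]+="(?:\\.|[^"\\\]])*")*)\]')
PARAM = re.compile(r' ([^ =\]"]+)="((?:\\.|[^"\\\]])*)"')

# Constructed sample: a failed login reported with structured data.
SAMPLE = ('<38>1 2008-06-01T12:34:56.789+02:00 host1.example.org sshd 4711 '
          'LOGINFAIL [auth@32473 uid="0" client_ip="192.0.2.10" '
          'reason="bad \\"pw\\""] Failed login for root')


def parse_line(line):
    """Split one line into header fields, structured data and free-text message."""
    m = HEADER.match(line)
    if not m:
        raise ValueError("not a syslog-protocol line")
    rec = m.groupdict()
    rec["facility"], rec["severity"] = divmod(int(rec.pop("pri")), 8)
    rest = line[m.end():]
    rec["sd"] = {}
    if rest.startswith("-"):            # "-" is the nil value: no structured data
        rest = rest[1:]
    else:
        while (e := ELEMENT.match(rest)):
            # Undo the three defined escapes so consumers see the real value.
            rec["sd"][e["id"]] = {k: re.sub(r'\\(["\\\]])', r"\1", v)
                                  for k, v in PARAM.findall(e["params"])}
            rest = rest[e.end():]
        if not rec["sd"]:
            raise ValueError("malformed structured data")
    if rest and not rest.startswith(" "):
        raise ValueError("unexpected text after structured data")
    rec["msg"] = rest[1:]
    return rec


if __name__ == "__main__":
    rec = parse_line(SAMPLE)
    print(rec["timestamp"], rec["hostname"], rec["sd"], rec["msg"])
```

Structured data values are supplied by the logging program, so a monitor should treat them as untrusted input even though they parse cleanly.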

Design Issues

Mailing List Threads
