NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Syslog TCP | logs truncate via UDP
Problem: - Logs with a length greater than 1033 chars truncate using syslog (UDP) - There is no option for Syslog via TCP in the WAX series products - I am sending logs to a linux syslog platform...
Hey schumaku It's good to review credible docs such as IETF but I'm afraid your data is out of date. Many platforms now offer SSL / TCP OR UDP based transmission of Syslog. Syslog is both a message format and method of transport and there are more up to date IETF docs mentioning TCP based transmission.
I'm a cyber security professional and I regularly work with platforms such as Palo Alto Firewalls (a market leader) and for the benefit of the discussion I have taken a screenshot of what top tier vendors offer:
Netgear should offer it as a Layer 4 Transport protocol to transmit the Syslog messages.
Perfectly understand the aim of enhancing security for the decades old BSD syslog - in fact TLS is the preferred way over UDP - it's part of RFC5424 transport proposal. Naked TCP isn't. Don't remember when exactly we had started adding TLS in enterprise log collecting applications ... things I've done in my previous life, round the Y2K change times. From there I am aware about the limited data sizes supported either way. Note: I don't talk as Netgear here, I'm not carrying a Netgear batch, nor am I paid or compensated in any way for the effort I'm doing here in the Netgear Community.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
