SDSC Secure Syslog - San Diego Secure Syslog
The SDSC Secure Syslog (also known as High Performance Syslog) is a project to build a next-generation system audit and logging facility.
The goal is to build a system logging facility that addresses these problems with UDP "syslog classic".
- high volume of system logs at medium and large sites (such as e-commerce sites or ISPs) can easily overwhelm "classic" syslog and its UDP transport mechanism
- this encourages sites to either not create some logs or to frequently roll them over and discard old log messages
- even when used as well as possible, UDP syslog has no integrity or security features
- which makes it difficult to conduct investigations of computer-related crime and related incidents.