Troy Perkins wrote: > > Within nessusd.conf it states the possible use of syslogd instead of > writing to the standard "nessusd.messages" file. > Does anyone know how to make this a system event? Sure you can basically > say; ok, write to /var/log/syslog, but can you actually send the event > to syslogd? > > and have it be delt within syslogd.conf > > If I'm completely misinterpreting the nessusd.conf file, please let me > know.
Like you mention, this would be pretty useful. Following the comments in nessusd.conf (version 1.1.15, fetched yesterday, might have changed today...) I rummaged around and found "log.c" in nessus-core/nessusd/, where: #define LOG_DAEMON (3 << 3) #define LOG_NOTICE 5 So, if you put 'syslog', the code will go via the syslog service, at a NOTICE level, via the DAEMON facility. Will play around with my nessusd and see if that works as advertised. At the same time, Renaud, one more for the wishlist: how about making the syslog facility/level configurable, for those who would prefer to use this logging method ? OTOH, given that Nessus is a security tool, which must function under possibly adverse conditions, using yet another level of software for logging might constitute an aditional and unnecesary failure point. Hope this helps. J. Courcoul
