Towards Scalable Secure Syslog Compatible Remote Logging

Abstract

This research explains both why logging is useful  and why the integrity of logs and the logging  process is important. This is followed by a  discussion of the design and implementation of  a high-performance secure logging framework,  implemented in Golang (Go). This is implemented  as a server-client for *nix-like systems, with a  focus on security first. While a custom protocol is introduced for security, the server remains  compatible with traditional syslog log messages,  albeit without the added performance and security  features. The functionality of the implementation  is reflected on along with preliminary performance  bench-marking. While most of the design goals  are satisfied, one notable area of concern is the  performance hit caused through the use of RSA  encryption. Aside from this the system was found  to perform well with logging rates in excess of 20  thousand events per second achieved. The work  concludes with some suggestions for improvements  and future work.

https://doi.org/10.59200/ICONIC.2022.002