Towards Scalable Secure Syslog Compatible Remote Logging
Keywords:
Secure Logging , Syslog, Remote loggingAbstract
This research explains both why logging is useful and why the integrity of logs and the logging process is important. This is followed by a discussion of the design and implementation of a high-performance secure logging framework, implemented in Golang (Go). This is implemented as a server-client for *nix-like systems, with a focus on security first. While a custom protocol is introduced for security, the server remains compatible with traditional syslog log messages, albeit without the added performance and security features. The functionality of the implementation is reflected on along with preliminary performance bench-marking. While most of the design goals are satisfied, one notable area of concern is the performance hit caused through the use of RSA encryption. Aside from this the system was found to perform well with logging rates in excess of 20 thousand events per second achieved. The work concludes with some suggestions for improvements and future work.
https://doi.org/10.59200/ICONIC.2022.002