FreeBSD audit source and other syslog-ng news

Day 1 | 18:35 | 00:25 | AW1.120 | Peter Czanik



FreeBSD is one of the most popular platforms to run syslog-ng. Recently, I was asked whether we could add a FreeBSD audit source driver to syslog-ng. While developing a new C-based driver is not something we could do in the short term, thankfully, using the program() source of syslog-ng still allowed us to create a new source in just a few hours, including its documentation. From this talk, you can learn how the freebsd-audit() source was created and how you can also easily develop similar sources yourself. A few more FreeBSD-specific developments will also be mentioned.