[rsyslog-notify] Forum Thread: Re: omudspoof and ASA - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Wed Feb 12 00:05:10 CET 2014
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24214#p24214
Message:
----------
if you make the path
ASA -> rsyslog -> rsyslog -> SIEM
then the only leg that needs to have spoofing on it is the leg going to the
SIEM
that avoids all the limitations that you run into trying to do the spoof
rsyslog -> rsyslog (firewalling, inability to use anything other than UDP,
etc)
More information about the rsyslog-notify
mailing list