Future of Syslog-Auth

• The whole system has too many options

• Probably try to move toward Syslog-sign

• May try to merge the two.

• If we keep syslog-auth:

  • Probably start using signature groups
  • Make final collector responsible for replay detection/gap detection from device.
  • Simplify options
  • Clean up spec tremendously.

Previous slide

Back to first slide

View graphic version