What is snifflog
Snifflog is a small program that sniffs for log data. It was written for use along with syslog-ng in weird configurations, as discussed in a paper I've written that is available here.
The intended use is to allow system administrators to log to a network host that does not have an IP assigned to the interface.
How to configure, build and use
So what is the point to this anyway?
My paper explains why something like this is needed and illustrates how it would typically work. The idea was originally to have a host to which we can log, but which must be perfectly quiet. Not assigning an IP to the external interface is ideal for this, even though we can go to much greater lengths than simply not assigning an IP. The obvious problem is that if there is no IP assigned, how do we make the host receive data? A less obvious question is that of ARP. These are also handled in my paper.
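To illustrate the receiving side described above (an added example, not snifflog's code and not taken from the paper): a C routine that takes a raw Ethernet frame, as a sniffer on an interface without an IP would see it, and returns the syslog text if the frame carries IPv4/UDP to port 514. The function name, the port and the sample frame are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SYSLOG_PORT 514 /* assumption: senders use the conventional syslog UDP port */

/* Constructed sample frame (documentation addresses, checksums left zero). */
static const uint8_t sample[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,          /* Ethernet II, IPv4 */
    0x45,0,0,38, 0,0,0,0, 64,17,0,0, 192,0,2,10, 192,0,2,99,  /* IPv4, proto UDP */
    0x80,0x00, 0x02,0x02, 0,18, 0,0,                          /* UDP 32768 -> 514 */
    '<','1','3','>','s','u',':',' ','o','k'                   /* syslog message */
};

/* Returns a pointer to the UDP payload of an Ethernet II frame carrying
 * IPv4/UDP to SYSLOG_PORT and stores its length in *out_len; NULL otherwise.
 * The destination IP is not compared with anything: the listener has none.
 * Simplifications: no VLAN tags, fragments are skipped, checksums unverified. */
const uint8_t *syslog_payload(const uint8_t *f, size_t len, size_t *out_len)
{
    if (len < 14 + 20 + 8) return NULL;                  /* Ethernet + IPv4 + UDP */
    if (f[12] != 0x08 || f[13] != 0x00) return NULL;     /* EtherType IPv4 only */
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;             /* IPv4 header length */
    if ((ip[0] >> 4) != 4 || ihl < 20) return NULL;
    if (ip[9] != 17) return NULL;                        /* protocol must be UDP */
    if ((((ip[6] & 0x3f) << 8) | ip[7]) != 0) return NULL; /* MF set or offset > 0 */
    size_t ip_total = ((size_t)ip[2] << 8) | ip[3];
    if (ip_total < ihl + 8 || 14 + ip_total > len) return NULL; /* truncated frame */
    const uint8_t *udp = ip + ihl;
    if ((((unsigned)udp[2] << 8) | udp[3]) != SYSLOG_PORT) return NULL;
    size_t udp_len = ((size_t)udp[4] << 8) | udp[5];
    if (udp_len < 8 || ihl + udp_len > ip_total) return NULL;   /* bad UDP length */
    *out_len = udp_len - 8;
    return udp + 8;
}

int main(void)
{
    size_t n = 0;
    const uint8_t *msg = syslog_payload(sample, sizeof sample, &n);
    if (msg) printf("%.*s\n", (int)n, (const char *)msg);
    return msg ? 0 : 1;
}
```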
Download: snifflog-0.1.tar.gz (1.8KB).