doc:appunti:linux:sa:ulogd2
Monitoraggio con ulogd2
apt install ulogd2
/etc/ulogd.conf
We configure one plugin stack adding this line into the configuration file:
# Custom stack for logging connections metadata. stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
[ct1] event_mask=0x00000001 hash_enable=0
Plugin Stacks Explained
- Input plugin
- None, one or multiple filter plugins
- One output plugin
In the example above we use the NFCT input plugin, which interfaces with the nfnetlink_conntrack kernel subsystem, and provides flow-based logging.
The option hash_enable …
/etc/logrotate.d/ulogd2
systemctl enable ulogd2.service systemctl start ulogd2.service
doc/appunti/linux/sa/ulogd2.txt · Last modified: 2025/02/17 17:29 by niccolo