rsyslog IP Spoofing

Comments

I have a new RHEL rsyslog central server I am using to replace a Windows Kiwi central server. Kiwi can spoof the IP of the incoming messages so that when it sends them out to our SIEM that appear to come from the original host. Both Kiwi and syslog-ng have this ability. I cannot find a way to do this with rsyslog and need some help. Can anyone assist me? I found information on omudpdpoof, but it appears this is not support on RHEL 6. Any suggestions would be appreciated. I am willing to use UDP or TCP.

Started 2016-05-18T14:16:49+00:00 by

Eric Leach

Newbie 5 points

Responses

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)

Select Your Language

Responses

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Responses

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links