开发者

ssl encryption in rsyslog

问答 作者:

could anyone give me hint where this problem is,

I am unable to encrypt log files comming from my client machine to central log, i dont understand the reason, could i get any relevent information. (i can see unencrypted files, coming towards central server (ngrep - in and out both))

Senario, I am using, already created certificate which is an authorized CA by godaddy.

Client rsyslog.conf:

$ModLoad imuxsock.so
$ModLoad imklog.so
$ModLoad imtcp


$DefaultNetstreamDriver gtls

# certificate files
$DefaultNetstreamDriverCAFile /rsyslog/pki/something.example.net.crt
$DefaultNetstreamDriverCertFile /rsyslog/pki/something.example.com.crt
$DefaultNetstreamDriverKeyFile /rsyslog/pki/something.example.com.key

$ActionSendStreamDriverAuthMode x509/name 
$ActionSendStreamDriverMode 1 

*.* @@machine.example.net:10514

unusual: system gets hung, when i enable defaultnetstreamDriver gtls

Server rsyslog.conf

$ModLoad ommysql
#$UDPServerRUn 514

$ModLoad immark # provides --MARK-- message capability
#$ModLoad imudp # provides UDP syslog reception
$ModLoad imtcp # provides TCP syslog reception
$ModLoad imgssapi # provides GSSAPI syslog reception
#$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog # provides kernel logging support (previously done by rklogd)


$InputTCPServerRun 10514

*.*    :ommysql:127.0.0.1,dbname,username,password

$DefaultNetstreamDriver gtls

# certificate files
$DefaultNetstreamDriverCAFile /var/www/html/rsyslog/ssl/something.example.net.crt
$DefaultNetstreamDriverCertFile /var/www/html/rsyslog/ssl/something.example.net.crt
$Defau开发者_开发知识库ltNetstreamDriverKeyFile /var/www/html/rsyslog/ssl/something.example.net.key 


$ActionSendStreamDriverAuthMode  anon
$ActionSendStreamDriverPermittedPeer *.example.net
$ActionSendStreamDriverMode 1

People, may be having same issue, so i would like to share if anyone ends up here..

Actually, got the issue, if anyone faces the same problem, there is nothing wrong in code however, the version of rsyslog is not supported by encryption, required, is 5.8.4 however, i havent tested any other previous version to ensure if other works or not. for sure 5.8.4 works

继续阅读:encryptionrsyslogssl

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9