syslog-ng-users June 2011 archive
Main Archive Page > Month Archives  > syslog-ng-users archives
syslog-ng-users: Re: [syslog-ng] New on syslog-ng

Re: [syslog-ng] New on syslog-ng

From: Josu Lazkano <josu.lazkano_at_nospam>
Date: Wed Jun 22 2011 - 15:25:30 GMT
To: Syslog-ng users' and developers' mailing list <>

-----Mensaje original-----
De: [] En nombre de Gergely Nagy
Enviado el: lunes, 20 de junio de 2011 14:06
Para: Syslog-ng users' and developers' mailing list
Asunto: Re: [syslog-ng] New on syslog-ng

> Thanks for the reply, I will find more info about TCP and SSL, is possible to make it working with rsyslog on the client side? Do you have any example configuration for the TCP+SSL?

Yep, it's possible. As long as the client can talk the same protocol
(either legacy BSD syslog, or the new RFC syslog - rsyslog can do
both, and it's even configurable to some extent) they can interact
well with syslog-ng. However, I found it much easier to use syslog-ng
on both sides. The configuration is a thousand times simpler for one.

An example server-side config would look something like this:

source s_tcptls {
  tcp (ip("")

For this to work, you need to generate the server.key & server.crt
files as usual for any TLS service. Furthermore, you need to have the
client certs in /etc/syslog-ng/certs/, and you need to run c_rehash .
in that directory, so openssl will generate the appropriate symlinks.
Alternatively, you can set peer-verify to require-untrusted, in which
case untrusted and unknown client certificates will be accepted

The on-line documentation should have more information & examples. I
would suggest reading this chapter in particular:

-- |8] Thanks for your help again. I am going to try to put syslog-ng on both sides (server/client). So I will start new post with it. Thanks and bets regards. ______________________________________________________________________________ Member info: Documentation: FAQ: