Syslog-ng 3.30.1 over TLS

Question

I want to configure Syslog-ng server to use TLS. Im not very familiar with writing syslog-ng statement, but here is what i have so far. Need help adding the TLS portion and destination

# logs
source s_net2 {
tcp(ip(0.0.0.0) port(6514));
};

destination d_net2 {
file(
"/var/log/syslog-ng/net1/$HOST/$YEAR-$MONTH-$DAY-ess-hbss.log"
perm(644)
create_dirs(yes)
);
};
log { source(s_net2); destination(d_net2); };

score 0 · Answer 1 · answered Dec 08 '20 at 21:13

source s_net2 {
  network(
    port(6514) transport("tls")
    tls(
      ca-file("/path/ca.crt")
      # ca_dir(/path/ca.d/)
      key-file("/path/server.key")
      cert-file("/path/server.crt")
    )
  );
};

Alternatively, you can use the pkcs12-file() option to specify a PKCS #12 archive containing the CA certificates, server certificate, and the TLS server key.

Docs:

It's the same, just enter the destination address: `network("example.com" port(6514) ...);` — MrAnno, Dec 09 '20 at 11:34

Syslog-ng 3.30.1 over TLS

1 Answers1