I just enhanced my logging with rsyslog by enabling remote logging form other machines and here are the config sniplets:
on
- logging server side
$ModLoad imtcp # enable TCB module
$InputTCPServerRun
$AllowSender TCP, 127.0.0.1,
$template REMOTE,"/var/log/system-%HOSTNAME%.log" # template to seperate logfiles received from remote hosts
if $fromhost-ip startswith '
#&~ # do not discard messages because we wont to keep all
and on
- client side
$ModLoad imtcp # enable TCP module for rsyslog
*.* @@
Do not forget to adjust the firewall settings in order to allow remote access to the specified port.
And now to the encryption. On server side the following directivs are necessary:
# make gtls driver the default
$DefaultNetstreamDriver gtls
# certificate files
$DefaultNetstreamDriverCAFile /path/to/contrib/gnutls/ca.pem
$DefaultNetstreamDriverCertFile /path/to/contrib/gnutls/cert.pem
$DefaultNetstreamDriverKeyFile /path/to/contrib/gnutls/key.pem
$ModLoad imtcp # load TCP listener
$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
$InputTCPServerStreamDriverAuthMode anon # client is NOT authenticated
$InputTCPServerRun 10514 # start up listener at port 10514
On client side only the following directives are necessary:
# certificate files - just CA for a client
$DefaultNetstreamDriverCAFile /path/to/contrib/gnutls/ca.pem
# set up the action
$DefaultNetstreamDriver gtls # use gtls netstream driver
$ActionSendStreamDriverMode 1 # require TLS for the connection
$ActionSendStreamDriverAuthMode anon # server is NOT authenticated
*.* @@(o)server.example.net:10514 # send (all) messages