I'm not sure how to activate both module at the same time while they are of the same type. The only difference is NetStream driver. Can you provide a configuration snippet to illustrate it? I would like basically something like this: module( # instance 1 load="imtcp" StreamDriver.AuthMode="x509/name" StreamDriver.Mode="1" StreamDriver.Name="gtls" ) input( # instance 1 type="imtcp" Port="6514" ) module( # instance 2 load="imtcp" ) input( # instance 2 type="imtcp" Port="514" )
Obviously, one would say the configuration should look like: module( load="imtcp" ) input( type="imtcp" Port="6514" StreamDriver.AuthMode="x509/name" StreamDriver.Mode="1" StreamDriver.Name="gtls" ) input( type="imtcp" Port="514" ) which would be equal to omfwd but this is not possible, AFAIK. Dalibor On 31. 07. 20 14:10, Naoum, A. (Alexandros) wrote:
You need: a) activate both modules for plain TCP and TLS b) have rules which will be bind on the specific module and the port that will be used. In that way rsyslog will listen on both ports. It is the same case like having UDP and TCP. TLS will be different module with the special driver for encryption enabled (gtls or ossl). Regards, Alexandros -----Original Message----- From: rsyslog <[email protected]> On Behalf Of Dalibor Pospíšil via rsyslog Sent: Friday, July 31, 2020 11:36 AM To: [email protected] Cc: Dalibor Pospíšil <[email protected]> Subject: [rsyslog] server with TLS and non-TLS incoming TCP connections Hello, I was wondering how to setup a rsyslog server to accept both TLS and non-TLS connection over TCP. On the client side it is possible as all the relevant options are placed in the omfwd action itself. However, on the server side the options a located in the module, not in the input. So all the related inputs "inherit" the TLS setting from the module. It there a way to split it? The usecase: I have system producing logs. Some of the systems are not capable of TLS. I want to collect logs from all the clients so I need to open one port for incoming TLS connections and one for non-TLS at the same time. I can imagine running separate rsyslog instance for TLS connections forwarding the traffing locally to instance with non-TLS or vice versa. But that's not really efficient solution. Thanks, Dalibor _______________________________________________ rsyslog mailing list https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.adiscon.net%2Fmailman%2Flistinfo%2Frsyslog&data=02%7C01%7Calexandros.naoum%40nn.cz%7C1cac9eeb6e9d4167b8fd08d835352a3e%7Cfed95e698d7343feaffba7d85ede36fb%7C1%7C0%7C637317849760749626&sdata=gkVY2%2BmdyJ6TSa%2FUyUWRlwM1yWA9xpNI8gfI8GEVhYQ%3D&reserved=0 https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.rsyslog.com%2Fprofessional-services%2F&data=02%7C01%7Calexandros.naoum%40nn.cz%7C1cac9eeb6e9d4167b8fd08d835352a3e%7Cfed95e698d7343feaffba7d85ede36fb%7C1%7C0%7C637317849760749626&sdata=6sUJf1HsYkvGBSAoaPz7CQYOF9QG3T5KylTKOFtRDfE%3D&reserved=0 What's up with rsyslog? Follow https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2Frgerhards&data=02%7C01%7Calexandros.naoum%40nn.cz%7C1cac9eeb6e9d4167b8fd08d835352a3e%7Cfed95e698d7343feaffba7d85ede36fb%7C1%7C0%7C637317849760749626&sdata=LjqBmgdT8eafWlroRj3HaVdH3rFXOtqfp7XXN0xrWCg%3D&reserved=0 NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. This message (including any attachments) may contain confidential information. It is intended for use by the recipient only. Any dissemination, copying or distribution to third parties without the express consent of the sender is strictly prohibited. If you have received this message in error, please delete it immediately and notify the sender. Thank you for your collaboration.
_______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
