Thanks. I have removed that line from my files. When I restart rsyslog, I get this error:
* authentication not supported by ptcp netstream driver.* Are there other lines I should remove? Is the ptcp netstream driver the default? David, when I run tcpdump for the port 12345 on both client and server I see data on both devices. Do I not need a TCP connection data for both the client and server? On Wed, May 29, 2024 at 5:45 AM Rainer Gerhards <rgerha...@hq.adiscon.com> wrote: > Mode 0 indeed does turn any encryption off. It's primarily there for > technical reasons, and it is the default. > > I strongly advise against defining encryption settings and then > disabling them this way. > > Rainer > > El mié, 29 may 2024 a las 11:26, David Lang via rsyslog > (<rsyslog@lists.adiscon.com>) escribió: > > > > On Wed, 29 May 2024, Kathy Lyons wrote: > > > > > which part sets encryption? I thought these options set encryption to > 0, > > > or disabled. > > > > leave out all the encryption settings to have them be disabled, setting > the mode > > to anon turns on encryption, but accepting any cert. > > > > David Lang > > > > > On Tue, May 28, 2024 at 6:09 PM David Lang <da...@lang.hm> wrote: > > > > > >> On Tue, 28 May 2024, Kathy Lyons wrote: > > >> > > >> > > >> let's simplify this to the minimum needed > > >> > > >>> *Server** > > >>> > > >>> # I've tried both with and without the line below > > >>> $ModLoad imtcp > > >>> $InputTCPServerRun 12345 > > >>> $template LDSTag, "<%PRI>%TIMESTAMP [nameofsystem] %syslog% %msg%" > > >>> # 10.50.x.x is where the server sends its local data and that of the > > >> clients via udp port 514 > > >>> if $fromhost-ip <> '127.0.0.1' then @10.50.x.x;LDSTag > > >>> &stop > > >>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.* > > >> @10.50.x.x;LDSTag > > >>> > > >>> > > >>> **Client** > > >>> > > >>> *#*I've tried both with and without the line below > > >>> $ModLoad imtcp > > >>> $template LDSTag,"<%PRI>%TIMESTAMP [PUBLIC_IP] %syslog% %msg%" > > >>> #Send Settings > > >>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.* > > >>> @@10.10.10.10.1:12345;LDSTmpl > > >> > > >> also note that the format of setting a bunch of $foo lines that then > > >> affect > > >> future lines is discouraged, it's better to use the newer action() > syntax > > >> that > > >> sets all those things explicitly in the one place. > > >> > > >> David Lang > > >> > > >>> > > >>> On 5/28/2024 5:42 PM, David Lang wrote: > > >>>> your message is badly linewrapped, can you please try again? > > >>>> > > >>>> also note that while you can ping between the systems, that doesn't > > >> mean > > >>>> that port 514 (TCP or UDP) can get through, either due to firewalls > at > > >> the > > >>>> network layer or iptables on the systems > > >>>> > > >>>> David Lang > > >>>> > > >>> > > >> > > > > > _______________________________________________ > > rsyslog mailing list > > https://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
