remove all TLS settings, as you do not use TLS from rsyslog PoV. Quick review brings up:
$InputTCPServerStreamDriverAuthMode anon $InputTCPServerStreamDriverMode 0 Rainer El mié, 29 may 2024 a las 12:35, Kathy Lyons (<lyonsf...@gmail.com>) escribió: > > Thanks. I have removed that line from my files. When I restart rsyslog, I > get this error: > > authentication not supported by ptcp netstream driver. > > Are there other lines I should remove? Is the ptcp netstream driver the > default? > > David, when I run tcpdump for the port 12345 on both client and server I see > data on both devices. Do I not need a TCP connection data for both the > client and server? > > On Wed, May 29, 2024 at 5:45 AM Rainer Gerhards <rgerha...@hq.adiscon.com> > wrote: >> >> Mode 0 indeed does turn any encryption off. It's primarily there for >> technical reasons, and it is the default. >> >> I strongly advise against defining encryption settings and then >> disabling them this way. >> >> Rainer >> >> El mié, 29 may 2024 a las 11:26, David Lang via rsyslog >> (<rsyslog@lists.adiscon.com>) escribió: >> > >> > On Wed, 29 May 2024, Kathy Lyons wrote: >> > >> > > which part sets encryption? I thought these options set encryption to 0, >> > > or disabled. >> > >> > leave out all the encryption settings to have them be disabled, setting >> > the mode >> > to anon turns on encryption, but accepting any cert. >> > >> > David Lang >> > >> > > On Tue, May 28, 2024 at 6:09 PM David Lang <da...@lang.hm> wrote: >> > > >> > >> On Tue, 28 May 2024, Kathy Lyons wrote: >> > >> >> > >> >> > >> let's simplify this to the minimum needed >> > >> >> > >>> *Server** >> > >>> >> > >>> # I've tried both with and without the line below >> > >>> $ModLoad imtcp >> > >>> $InputTCPServerRun 12345 >> > >>> $template LDSTag, "<%PRI>%TIMESTAMP [nameofsystem] %syslog% %msg%" >> > >>> # 10.50.x.x is where the server sends its local data and that of the >> > >> clients via udp port 514 >> > >>> if $fromhost-ip <> '127.0.0.1' then @10.50.x.x;LDSTag >> > >>> &stop >> > >>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.* >> > >> @10.50.x.x;LDSTag >> > >>> >> > >>> >> > >>> **Client** >> > >>> >> > >>> *#*I've tried both with and without the line below >> > >>> $ModLoad imtcp >> > >>> $template LDSTag,"<%PRI>%TIMESTAMP [PUBLIC_IP] %syslog% %msg%" >> > >>> #Send Settings >> > >>> auth.*;authpriv.*;cron.*;daemon.*;kern.*;local0.*;local4.* >> > >>> @@10.10.10.10.1:12345;LDSTmpl >> > >> >> > >> also note that the format of setting a bunch of $foo lines that then >> > >> affect >> > >> future lines is discouraged, it's better to use the newer action() >> > >> syntax >> > >> that >> > >> sets all those things explicitly in the one place. >> > >> >> > >> David Lang >> > >> >> > >>> >> > >>> On 5/28/2024 5:42 PM, David Lang wrote: >> > >>>> your message is badly linewrapped, can you please try again? >> > >>>> >> > >>>> also note that while you can ping between the systems, that doesn't >> > >> mean >> > >>>> that port 514 (TCP or UDP) can get through, either due to firewalls at >> > >> the >> > >>>> network layer or iptables on the systems >> > >>>> >> > >>>> David Lang >> > >>>> >> > >>> >> > >> >> > > >> > _______________________________________________ >> > rsyslog mailing list >> > https://lists.adiscon.net/mailman/listinfo/rsyslog >> > http://www.rsyslog.com/professional-services/ >> > What's up with rsyslog? Follow https://twitter.com/rgerhards >> > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad >> > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you >> > DON'T LIKE THAT. _______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
