Hi Team!


I have a working configuration for TLS authentication (only server
authentication) between Palo Alto FW and rsyslog on Kali Linux.

Can you help me with a sample configuration of mutual TLS authentication?

I can't find how to use the “DefaultNetstreamDriverAuthCAFile” (for
validating a client’s cert) command correctly and how to load the module
“lmnsd_gtls”.

Perhaps other commands and modules are used instead of this one?

Thanks!

# /etc/rsyslog.conf

module(load="imuxsock") 
module(load="imklog")   
module(load="lmnsd_gtls") #?????


global(
    DefaultNetstreamDriver="gtls"
    DefaultNetstreamDriverCAFile="/etc/rsyslog.d/ssl/ca-cert.crt"
    DefaultNetstreamDriverCertFile="/etc/rsyslog.d/ssl/server2.crt"
    DefaultNetstreamDriverKeyFile="/etc/rsyslog.d/ssl/server2.key"
    DefaultNetstreamDriverAuthCAFile="/etc/rsyslog.d/ssl/client_ca_for_panos.crt" #??????
)

module(
    load="imtcp"
    StreamDriver.Name="gtls"            
    StreamDriver.Mode="1"               
    StreamDriver.Authmode="x509/certvalid"                                  
    # StreamDriver.Authmode="x509/name" # later
    PermittedPeer="10.101.0.1"                                              
)
input(
    type="imtcp"
    port="6514"
)
input(
    type="imtcp"
    port="514"
)

# Remote logging example (uncomment and adjust target/port as needed)
$template RemoteHost,"/var/log/remote/%HOSTNAME%/%PROGRAMNAME%.log"
if $fromhost != '127.0.0.1' then ?RemoteHost
& stop

$IncludeConfig /etc/rsyslog.d/*.conf
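
An added example, not part of the original post and not rsyslog project code: one way to set up the receiving side for mutual TLS with the gtls driver. It assumes the firewall's client certificate was issued by the CA in client_ca_for_panos.crt (path taken from the post), and the peer name panos-fw.example.test is a hypothetical placeholder for a name carried in that certificate.

```conf
# /etc/rsyslog.conf (receiver side, mutual TLS) - added example

global(
    DefaultNetstreamDriver="gtls"
    # Trust anchor used to validate the certificate presented by the peer.
    # On the receiver this is the CA that issued the client (firewall) cert.
    # Assumption: the firewall cert chains to this CA.
    DefaultNetstreamDriverCAFile="/etc/rsyslog.d/ssl/client_ca_for_panos.crt"
    # The receiver's own certificate and key, presented to the firewall.
    DefaultNetstreamDriverCertFile="/etc/rsyslog.d/ssl/server2.crt"
    DefaultNetstreamDriverKeyFile="/etc/rsyslog.d/ssl/server2.key"
)

module(
    load="imtcp"
    StreamDriver.Name="gtls"
    # Mode 1 = TLS only on the listeners of this module.
    StreamDriver.Mode="1"
    # x509/certvalid: the client must present a certificate that validates
    #                 against the CA file above.
    # x509/name:      same, plus the certificate's name must match
    #                 PermittedPeer.
    # anon:           no client certificate is required (server auth only).
    StreamDriver.AuthMode="x509/name"
    # Hypothetical placeholder: compared with the name in the client
    # certificate, not with the sender's source IP address.
    PermittedPeer="panos-fw.example.test"
)

input(
    type="imtcp"
    port="6514"
)
```

This example has no explicit load line for the driver; it is selected by name through DefaultNetstreamDriver and StreamDriver.Name.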