Does anyone know how to set up the TLS option in syslog-ng on CentOS 6.x? I have the following syslog-ng.conf and it works just fine, but when I add the tls option it does not.

syslog-ng.conf:

    # My Switches
    source s_switch {
        udp(ip(0.0.0.0) port(514));
        tcp(ip(0.0.0.0) port(514));
    };

    destination d_switch {
        file(
            "/var/log/pan/$HOST-$YEAR$MONTH$DAY.log"
            perm(0644)          # octal file mode
            create_dirs(yes)
        );
    };

    log { source(s_switch); destination(d_switch); };

Change it to:

    source s_switch {
        tcp(ip(0.0.0.0) port(1999)
            tls(
                ca_dir("/etc/syslog-ng/ca.d")
                key_file("/etc/syslog-ng/key.d/privkey.pem")
                cert_file("/etc/syslog-ng/cert.d/cacert.pem")
                peer_verify(optional-untrusted)
            )
        );
    };
user2912312

1 Answer

Which syslog-ng version do you use? The one in EPEL does not have TLS (openssl) support enabled, as that would be cross linking between / and /usr. If you don't mind that this packaging guideline is not followed, you can use my unofficial syslog-ng packages at https://copr.fedoraproject.org/coprs/czanik/syslog-ng37epel6/ which can be added on top of EPEL (some of the dependencies come from EPEL).

  • Thanks, I do have EPEL, and I added your repo to my Yum config and installed 3.7. Now I get the error "compatibility mode" and also an error parsing, syntax error: network(ip(0.0.0.0) port(6514) ^^^^^^^ – user2912312 Oct 22 '15 at 21:49
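For reference, a TLS listener written in syslog-ng 3.7 syntax, as an added example that is not the poster's or the packager's configuration. It assumes a TLS-enabled build, reuses the certificate paths from the question and port 6514 from the comment, and the source name `s_switch_tls` is hypothetical.

```conf
# Added example: TLS syslog listener in 3.7 config syntax.
# Declare the config format of the installed release; a lower value makes
# syslog-ng start in compatibility mode.
@version: 3.7

source s_switch_tls {                      # hypothetical name
    network(
        ip(0.0.0.0) port(6514)
        transport("tls")                   # network() needs the transport set explicitly
        tls(
            # Server private key and the server certificate that matches it
            # (paths taken from the question; the file must be the server's
            # own certificate, not the CA certificate).
            key_file("/etc/syslog-ng/key.d/privkey.pem")
            cert_file("/etc/syslog-ng/cert.d/cacert.pem")

            # Trusted CA certificates, each reachable through a symlink
            # named after its subject hash (<hash>.0).
            ca_dir("/etc/syslog-ng/ca.d")

            # optional-untrusted accepts clients that present no certificate
            # or one that does not verify: traffic is encrypted, but senders
            # are not authenticated. Switch to required-trusted once every
            # sender holds a certificate signed by a CA in ca_dir.
            peer_verify(optional-untrusted)
        )
    );
};

destination d_switch {
    file(
        "/var/log/pan/$HOST-$YEAR$MONTH$DAY.log"
        perm(0644)
        create_dirs(yes)
    );
};

log { source(s_switch_tls); destination(d_switch); };
```

Running `syslog-ng --syntax-only` against the file checks it before the service is restarted.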