Diffstat (limited to 'rsyslog.d/local-gtls-common.conf')
-rw-r--r--rsyslog.d/local-gtls-common.conf21
1 files changed, 21 insertions, 0 deletions
diff --git a/rsyslog.d/local-gtls-common.conf b/rsyslog.d/local-gtls-common.conf
new file mode 100644
index 0000000..aef8117
--- /dev/null
+++ b/rsyslog.d/local-gtls-common.conf
@@ -0,0 +1,21 @@
+# enable gtls driver and make it the default
+$ModLoad imtcp
+$DefaultNetstreamDriver gtls
+
+# certificate files
+$DefaultNetstreamDriverCAFile /etc/ssl/certs/ca-certificates.crt
+$DefaultNetstreamDriverCertFile /etc/ssl/certs/rsyslog.pem
+$DefaultNetstreamDriverKeyFile /etc/ssl/private/rsyslog.pem
+
+$InputTCPServerStreamDriverAuthMode x509/name
+$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
+
+# sample reception (repeat last line for each client)
+#$InputTCPServerRun 514
+#$InputTCPServerStreamDriverPermittedPeer *.example.net
+
+# sample sending (repeat all lines for each server)
+#$ActionSendStreamDriverAuthMode x509/name
+#$ActionSendStreamDriverMode 1 # run driver in TLS-only mode
+#$ActionSendStreamDriverPermittedPeer central.example.net
+#*.* @@central.example.net:514 # forward everything to remote server
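Review bot: `$DefaultNetstreamDriverCAFile` points at the system-wide bundle `/etc/ssl/certs/ca-certificates.crt`, so with `x509/name` any certificate issued by any CA in that bundle is accepted as long as its name matches a permitted peer, and the sample pattern `*.example.net` extends that to every host name under the domain. A CA dedicated to log transport would narrow the trust anchor, e.g. `$DefaultNetstreamDriverCAFile /etc/ssl/certs/<logging-ca>.pem` (placeholder path), with permitted peers listed by exact name where practical. Separately, the reception sample puts `$InputTCPServerStreamDriverPermittedPeer` after `$InputTCPServerRun 514`, whereas rsyslog's own TLS examples set the peer list before starting the listener. On versions that read listener settings when `$InputTCPServerRun` is processed the later line may not take effect, so I would move it above the run line and reword the "repeat last line" comment to match.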