<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Helvetica, Arial, sans-serif">Hi,<br>
is it there a way to put that plug in end enabl ssl ? Or i must
download the latest syslog-ng and build from 0 ?<br>
<br>
Thanks<br>
Ivan<br>
</font><br>
<div class="moz-cite-prefix">On 02/03/2016 03:33 PM, Czanik, Péter
wrote:<br>
</div>
<blockquote
cite="mid:CANcUavuDNKoX417mFRsm4VsNz6W3mFqFQFRER7TBj4ASL8hEsQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>
<div>Hi,<br>
</div>
There are multiple problems:<br>
</div>
- you use an ancient syslog-ng version, which does not yet
have the combined network() driver<br>
</div>
- it has crypto support disabled: <font face="Helvetica,
Arial, sans-serif">Enable-SSL: off<br>
</font></div>
<font face="Helvetica, Arial, sans-serif">I assume, you use
RHEL6 and syslog-ng from EPEL. In that case I'd recommend
giving my packages a try from <a moz-do-not-send="true"
href="https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37epel6/">https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37epel6/</a>
which includes the latest stable release and by breaking the
packaging guidelines it also enables openssl support
(syslog-ng is in /sbin, openssl is under /usr/lib, which
breaks the application if /usr is on a separate partition).<br>
</font></div>
<font face="Helvetica, Arial, sans-serif">Bye,<br>
</font></div>
<div class="gmail_extra"><br clear="all">
<div>
<div class="gmail_signature">Peter Czanik (CzP) <<a
moz-do-not-send="true"
href="mailto:peter.czanik@balabit.com" target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:peter.czanik@balabit.com">peter.czanik@balabit.com</a></a>><br>
Balabit / syslog-ng upstream<br>
<a moz-do-not-send="true"
href="http://czanik.blogs.balabit.com/" target="_blank">http://czanik.blogs.balabit.com/</a><br>
<a moz-do-not-send="true" href="https://twitter.com/PCzanik"
target="_blank">https://twitter.com/PCzanik</a></div>
</div>
<br>
<div class="gmail_quote">On Wed, Feb 3, 2016 at 2:43 PM, Ivan
Adji - Krstev <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:akivanradix@gmail.com" target="_blank">akivanradix@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> <font
face="Helvetica, Arial, sans-serif">Hi all, <br>
I have follow the <a moz-do-not-send="true"
href="https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-latest-guides/en/syslog-ng-tutorial-mutual-auth-tls/html/create-ca.html"
target="_blank">link</a> for providing mutual
authentication. I have create CA on a server and
certificates for the server and client. On the server
site have put:<br>
===========================================<br>
source s_sys {<br>
system();<br>
#unix-stream("/dev/log");<br>
internal();<br>
network(<br>
port(6514)<br>
# tcp(port(5140));<br>
# file("/proc/kmsg" log_prefix("kernel: "));<br>
transport("tls")<br>
tls(
key_file("/etc/syslog-ng/cert.d/serverkey.pem")<br>
cert_file("/etc/syslog-ng/cert.d/servercert.pem")<br>
ca_dir("/etc/syslog-ng/ca.d"))<br>
);<br>
};<br>
i have define d_mysql etc. <br>
<br>
log { source(s_sys); destination(d_mysql); };<br>
=============================================================<br>
on the client site i have:<br>
destination tls_destination {<br>
network("x.x.x.x" port(6514));<br>
transport("tls")<br>
tls( ca_dir("/etc/syslog-ng/ca.d")<br>
key_file("/etc/syslog-ng/cert.d/clientkey.pem")<br>
cert_file("/etc/syslog-ng/cert.d/clientcert.pem") )<br>
};<br>
log { source(s_sys); destination(tls_destination); };<br>
==================================================================<br>
And when i restart the syslog-ng on a client site i have
the following error:<br>
<br>
/etc/init.d/syslog-ng restart<br>
Stopping
syslog-ng:
[FAILED]<br>
Error parsing destination, destination plugin network
not found in /etc/syslog-ng/syslog-ng.conf at line 45,
column 5:<br>
<br>
network("x.x.x.x" port(6514));<br>
^^^^^^^<br>
<br>
syslog-ng documentation: <a moz-do-not-send="true"
href="http://www.balabit.com/support/documentation/?product=syslog-ng"
target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
mailing list: <a moz-do-not-send="true"
href="https://lists.balabit.hu/mailman/listinfo/syslog-ng"
target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
<br>
syslog-ng --version<br>
syslog-ng 3.2.5<br>
Installer-Version: 3.2.5<br>
Revision:
<a moz-do-not-send="true"
href="mailto:ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master%239d4bea28198bd731df1a61e980a2af5b88d81116"
target="_blank">ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master#9d4bea28198bd731df1a61e980a2af5b88d81116</a><br>
Compile-Date: Jul 25 2014 15:20:50<br>
Enable-Threads: on<br>
Enable-Debug: off<br>
Enable-GProf: off<br>
Enable-Memtrace: off<br>
Enable-Sun-STREAMS: off<br>
Enable-IPv6: on<br>
Enable-Spoof-Source: on<br>
Enable-TCP-Wrapper: on<br>
Enable-SSL: off<br>
Enable-SQL: on<br>
Enable-Linux-Caps: off<br>
Enable-Pcre: on<br>
Enable-Pacct: off<br>
<br>
So can someone tell me what i'm doing wrong ?<br>
<br>
Kind regards<span class="HOEnZb"><font color="#888888"><br>
Ivan<br>
</font></span></font> </div>
<br>
______________________________________________________________________________<br>
Member info: <a moz-do-not-send="true"
href="https://lists.balabit.hu/mailman/listinfo/syslog-ng"
rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a moz-do-not-send="true"
href="http://www.balabit.com/support/documentation/?product=syslog-ng"
rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a moz-do-not-send="true"
href="http://www.balabit.com/wiki/syslog-ng-faq"
rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
<br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">______________________________________________________________________________
Member info: <a class="moz-txt-link-freetext" href="https://lists.balabit.hu/mailman/listinfo/syslog-ng">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a>
Documentation: <a class="moz-txt-link-freetext" href="http://www.balabit.com/support/documentation/?product=syslog-ng">http://www.balabit.com/support/documentation/?product=syslog-ng</a>
FAQ: <a class="moz-txt-link-freetext" href="http://www.balabit.com/wiki/syslog-ng-faq">http://www.balabit.com/wiki/syslog-ng-faq</a>
</pre>
</blockquote>
<br>
</body>
</html>