I made the change as suggested and it is complaining:
source s_net {
network(ip('<our IP>') port(<our port>)
transport("tls")
tls( key-file("/usr/local/etc/hostcert.key")
cert-file("/usr/local/etc/hostcert.pem")
peer_verify(optional-untrusted)
ssl-options(no-sslv2, no-sslv3, no-tlsv1)
)
);
};
I got the following error when I tried to start it:
-bash-4.1$ sudo service sys-ng1 start
syslog-ng service starting.
Error parsing afsocket, syntax error, unexpected LL_IDENTIFIER, expecting ')' in /opt/splunk/usr/local/etc/syslog-ng.conf at line 49, column 9:
ssl-options(no-sslv2, no-sslv3, no-tlsv1)
^^^^^^^^^^^
syslog-ng documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
mailing list:
https://lists.balabit.hu/mailman/listinfo/syslog-ng
From:
<syslog-ng-bounces@lists.balabit.hu> on behalf of "thejaguar@tutanota.de" <thejaguar@tutanota.de>
Reply-To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>
Date: Tuesday, August 16, 2016 at 5:53 PM
To: Joe Lupo <Joseph.Lupo@T-Mobile.com>
Cc: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>
Subject: Re: [syslog-ng] Disabling SSLv3 with Syslog-NG
its part of tls options so
tls( key-file("/usr/local/etc/hostcert.key")
cert-file("/usr/local/etc/hostcert.pem")
peer_verify(optional-untrusted)
ssl-options(no-sslv3,no-tlsv1)
)
);
The Jaguar
16. Aug 2016 12:13 by Joseph.Lupo@T-Mobile.com:
The syslog-ng documentation is very unclear. Where would we put the ssl-options(no-sslv2, no-sslv3, no-tlsv1) entry for disabling sslv2, sslv3 and tlsv1?
The following works for enabling TLS on our host, but I can’t figure out where to insert the ssl-options.
source s_net {
network(ip('<our IP>') port(<our port>)
transport("tls")
tls( key-file("/usr/local/etc/hostcert.key")
cert-file("/usr/local/etc/hostcert.pem")
peer_verify(optional-untrusted))
);
};
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq