Hi, is it there a way to put that plug in end enabl ssl ? Or i must download the latest syslog-ng and build from 0 ? Thanks Ivan On 02/03/2016 03:33 PM, Czanik, Péter wrote:
Hi, There are multiple problems: - you use an ancient syslog-ng version, which does not yet have the combined network() driver - it has crypto support disabled: Enable-SSL: off I assume, you use RHEL6 and syslog-ng from EPEL. In that case I'd recommend giving my packages a try from https://copr.fedorainfracloud.org/coprs/czanik/syslog-ng37epel6/ which includes the latest stable release and by breaking the packaging guidelines it also enables openssl support (syslog-ng is in /sbin, openssl is under /usr/lib, which breaks the application if /usr is on a separate partition). Bye,
Peter Czanik (CzP) <peter.czanik@balabit.com <mailto:peter.czanik@balabit.com>> Balabit / syslog-ng upstream http://czanik.blogs.balabit.com/ https://twitter.com/PCzanik
On Wed, Feb 3, 2016 at 2:43 PM, Ivan Adji - Krstev <akivanradix@gmail.com <mailto:akivanradix@gmail.com>> wrote:
Hi all, I have follow the link <https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-latest-guides/en/syslog-ng-tutorial-mutual-auth-tls/html/create-ca.html> for providing mutual authentication. I have create CA on a server and certificates for the server and client. On the server site have put: =========================================== source s_sys { system(); #unix-stream("/dev/log"); internal(); network( port(6514) # tcp(port(5140)); # file("/proc/kmsg" log_prefix("kernel: ")); transport("tls") tls( key_file("/etc/syslog-ng/cert.d/serverkey.pem") cert_file("/etc/syslog-ng/cert.d/servercert.pem") ca_dir("/etc/syslog-ng/ca.d")) ); }; i have define d_mysql etc.
log { source(s_sys); destination(d_mysql); }; ============================================================= on the client site i have: destination tls_destination { network("x.x.x.x" port(6514)); transport("tls") tls( ca_dir("/etc/syslog-ng/ca.d") key_file("/etc/syslog-ng/cert.d/clientkey.pem") cert_file("/etc/syslog-ng/cert.d/clientcert.pem") ) }; log { source(s_sys); destination(tls_destination); }; ================================================================== And when i restart the syslog-ng on a client site i have the following error:
/etc/init.d/syslog-ng restart Stopping syslog-ng: [FAILED] Error parsing destination, destination plugin network not found in /etc/syslog-ng/syslog-ng.conf at line 45, column 5:
network("x.x.x.x" port(6514)); ^^^^^^^
syslog-ng documentation: http://www.balabit.com/support/documentation/?product=syslog-ng mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng
syslog-ng --version syslog-ng 3.2.5 Installer-Version: 3.2.5 Revision: ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master#9d4bea28198bd731df1a61e980a2af5b88d81116 <mailto:ssh+git://bazsi@git.balabit//var/scm/git/syslog-ng/syslog-ng-ose--mainline--3.2#master%239d4bea28198bd731df1a61e980a2af5b88d81116> Compile-Date: Jul 25 2014 15:20:50 Enable-Threads: on Enable-Debug: off Enable-GProf: off Enable-Memtrace: off Enable-Sun-STREAMS: off Enable-IPv6: on Enable-Spoof-Source: on Enable-TCP-Wrapper: on Enable-SSL: off Enable-SQL: on Enable-Linux-Caps: off Enable-Pcre: on Enable-Pacct: off
So can someone tell me what i'm doing wrong ?
Kind regards Ivan
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq