Thats fine if its a copy paste mistake and compression is enabled by default. Yes both sides are on tls. No I dont want to disable, rather wanted to make sure network transfers do get compressed. Except tcpdump , any other method to confirm ? Thanks for the response. Jagshah. 14. Aug 2016 22:54 by balazs.scheidler@balabit.com:
Hmm, I dont know that option, maybe the premium edition team added that and it trickled into the open source documentation. Iirc by default syslog-ng made sure compression happens within tls as long as the other party supports it.
Or you want to disable it? On Aug 12, 2016 20:15, <> thejaguar@tutanota.de> > wrote:
Hi all,
According to this >> https://www.balabit.com/documents/syslog-ng-ose-latest-guides/en/syslog-ng-o...
Allow-compression() should be a working option under tls.
I did google on this a lot and found no config snippetwhich shows allow-compress() to be working and to my surprise when I tried toinclude it in my config I get syntax error ___________________________________________________
2016-08-11T15:27:19.538347] Registering candidate plugin;module='afsocket', context='source', name='systemd-syslog', preference='100'
[2016-08-11T15:27:19.539190] Using /dev/log Unix socketwith systemd is not possible. Changing to systemd-syslog source, which supportssocket activation.; Error parsing afsocket, syntax error, unexpectedLL_IDENTIFIER, expecting ')' in /etc/syslog-ng/syslog-ng.conf at line 27,column 124:
destination d_net_tls { network(">> syslog1.xxxxxxxxx.com>> " port(6514) transport("tls") tls(ca-dir("/etc/syslog-ng/ca") allow-compress(yes)peer-verify(required-trusted) ssl-options(no-sslv3,no-tlsv1) )
^^^^^^^^^^^^^^ ___________________________________________________
I am using 3.8.0 on ubuntu 15.10.
Is this even really supported as claimed in here >> https://www.balabit.com/network-security/syslog-ng/comparing/detailed
# /usr/sbin/syslog-ng -V
syslog-ng 3.8.0beta2
Installer-Version: 3.8.0beta2
Revision: 3.8.0beta2-1
Module-Directory: /usr/lib/syslog-ng/3.8
Module-Path: /usr/lib/syslog-ng/3.8
Available-Modules:affile,basicfuncs,system-source,cryptofuncs,pseudofile,afuser,csvparser,linux-kmsg-format,confgen,sdjournal,syslogformat,afprog,dbparser,afsocket
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: on
Enable-TCP-Wrapper: on
Enable-Linux-Caps: off
______________________________________________________________________________ Member info: >> https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: >> http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: >> http://www.balabit.com/wiki/syslog-ng-faq