Enable SNI (Server Name Identification) in TLS connection
Hi, I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers. I observe that syslog-ng doesn't send SNI during TLS handshake. How can I enable it? My configuration is as follows: =================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net" port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl") key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem") cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; =================================== I want syslog-ng to send XX.example.net as SNI to my remote server Please advise Thanks Raghu
Hi Raghu, Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930 Can you build syslog-ng from source? It would be great, if you tested the PR. Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> Sent: Tuesday, September 17, 2019 9:05 AM To: syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu> Subject: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi, I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers. I observe that syslog-ng doesn't send SNI during TLS handshake. How can I enable it? My configuration is as follows: =================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7Cf01aaae6998d42d90aa908d73b3d6e1a%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637043007358265020&sdata=sTv8kJpxK%2FDNONaBFcNArgPiZ8ZbBFuyIHKwfL1Yn7w%3D&reserved=0>" port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl") key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem") cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; =================================== I want syslog-ng to send XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7Cf01aaae6998d42d90aa908d73b3d6e1a%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637043007358275016&sdata=ugyIt85VhK6%2FEoZVAJ%2B2gLnPfr7M5n2%2FMHqR0hcuGto%3D&reserved=0> as SNI to my remote server Please advise Thanks Raghu
Hi Atilla, I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time. Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package? Thanks Raghu On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,
Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930
Can you build syslog-ng from source? It would be great, if you tested the PR.
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Tuesday, September 17, 2019 9:05 AM *To:* syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu> *Subject:* [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi,
I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers.
I observe that syslog-ng doesn't send SNI during TLS handshake.
How can I enable it?
My configuration is as follows:
=================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7Cf01aaae6998d42d90aa908d73b3d6e1a%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637043007358265020&sdata=sTv8kJpxK%2FDNONaBFcNArgPiZ8ZbBFuyIHKwfL1Yn7w%3D&reserved=0> " port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl")
key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem")
cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; ===================================
I want syslog-ng to send XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7Cf01aaae6998d42d90aa908d73b3d6e1a%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637043007358275016&sdata=ugyIt85VhK6%2FEoZVAJ%2B2gLnPfr7M5n2%2FMHqR0hcuGto%3D&reserved=0> as SNI to my remote server
Please advise
Thanks Raghu
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Hi Raghu, You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/ Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> Sent: Wednesday, September 18, 2019 12:50 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Atilla, I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time. Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package? Thanks Raghu On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: Hi Raghu, Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C06732d99b8274ab1016308d73c2602f3%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637044006288096603&sdata=tLya1q3XRweh5j4D0FUYWc0QwJCCITXI4FqN%2BT%2FZLBM%3D&reserved=0> Can you build syslog-ng from source? It would be great, if you tested the PR. Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Tuesday, September 17, 2019 9:05 AM To: syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi, I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers. I observe that syslog-ng doesn't send SNI during TLS handshake. How can I enable it? My configuration is as follows: =================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C06732d99b8274ab1016308d73c2602f3%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637044006288106600&sdata=0izDOg9AzCjPgAuUca1iX4Ts0ocEq6yIUhdvqhu0hz4%3D&reserved=0>" port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl") key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem") cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; =================================== I want syslog-ng to send XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C06732d99b8274ab1016308d73c2602f3%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637044006288106600&sdata=0izDOg9AzCjPgAuUca1iX4Ts0ocEq6yIUhdvqhu0hz4%3D&reserved=0> as SNI to my remote server Please advise Thanks Raghu ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C06732d99b8274ab1016308d73c2602f3%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637044006288116590&sdata=ZmU33AN9FNmoaqy5rN5146%2FwU%2F2O6LL%2Firy62UMN5yQ%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C06732d99b8274ab1016308d73c2602f3%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637044006288126583&sdata=77nWzeuuVjAr8ZV9p8aI4KIUgND%2FjGn%2FNHnPPhvd9kw%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C06732d99b8274ab1016308d73c2602f3%7C91c369b51c9e439c989c1867ec606603%7C0%7C1%7C637044006288126583&sdata=Aw1IyyX38Js51dbSnLp3hRQVADys8TtgYHUpX0lVlBI%3D&reserved=0>
To the other question: It will be merged on the master branch probably in a week. Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com> Sent: Wednesday, September 18, 2019 1:28 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Raghu, You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090791204&sdata=H%2BQFpJOnTdhGOgMiXXimyDRJRsJMs3ABr3MNdUZ0h%2BY%3D&reserved=0> Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> Sent: Wednesday, September 18, 2019 12:50 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Atilla, I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time. Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package? Thanks Raghu On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: Hi Raghu, Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090801199&sdata=qiNjqj135bbtxUw1tnMaMMhhvYT2fpdfbOWXMV64Mts%3D&reserved=0> Can you build syslog-ng from source? It would be great, if you tested the PR. Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Tuesday, September 17, 2019 9:05 AM To: syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi, I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers. I observe that syslog-ng doesn't send SNI during TLS handshake. How can I enable it? My configuration is as follows: =================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090801199&sdata=kKc2XxSr%2FnS%2BbFmSCXXqka9t17oLsCrDmViLjQdQfQI%3D&reserved=0>" port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl") key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem") cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; =================================== I want syslog-ng to send XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090811194&sdata=OMGWyTrbUz5J40CVui56wWoLSzbSQXj7EcWzQGNDKQc%3D&reserved=0> as SNI to my remote server Please advise Thanks Raghu ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090821195&sdata=bYI0oeeeoLjifgXSlm8%2BUfaAMEk%2FPuOqo966%2FaOCRMI%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090821195&sdata=ZJda2Cox1NHyYkmtThHPC0nu6HIdQ9LK7oJqDXHb4CM%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090831186&sdata=yVv8HfegV4%2B0g1U2XAsWXRc1CxRVEJ7chniTvJdizMU%3D&reserved=0>
That's awesome. Thanks Raghu On Wed, Sep 18, 2019, 17:05 Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
To the other question: It will be merged on the master branch probably in a week.
Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com> *Sent:* Wednesday, September 18, 2019 1:28 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi Raghu,
You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/ <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090791204&sdata=H%2BQFpJOnTdhGOgMiXXimyDRJRsJMs3ABr3MNdUZ0h%2BY%3D&reserved=0>
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Wednesday, September 18, 2019 12:50 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi Atilla,
I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time.
Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package?
Thanks Raghu
On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,
Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930 <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090801199&sdata=qiNjqj135bbtxUw1tnMaMMhhvYT2fpdfbOWXMV64Mts%3D&reserved=0>
Can you build syslog-ng from source? It would be great, if you tested the PR.
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Tuesday, September 17, 2019 9:05 AM *To:* syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu> *Subject:* [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi,
I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers.
I observe that syslog-ng doesn't send SNI during TLS handshake.
How can I enable it?
My configuration is as follows:
=================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090801199&sdata=kKc2XxSr%2FnS%2BbFmSCXXqka9t17oLsCrDmViLjQdQfQI%3D&reserved=0> " port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl")
key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem")
cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; ===================================
I want syslog-ng to send XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090811194&sdata=OMGWyTrbUz5J40CVui56wWoLSzbSQXj7EcWzQGNDKQc%3D&reserved=0> as SNI to my remote server
Please advise
Thanks Raghu
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090821195&sdata=bYI0oeeeoLjifgXSlm8%2BUfaAMEk%2FPuOqo966%2FaOCRMI%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090821195&sdata=ZJda2Cox1NHyYkmtThHPC0nu6HIdQ9LK7oJqDXHb4CM%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7CAttila.Szakacs%40oneidentity.com%7C9a139415a6fc4def5c9208d73c2b528e%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044029090831186&sdata=yVv8HfegV4%2B0g1U2XAsWXRc1CxRVEJ7chniTvJdizMU%3D&reserved=0>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Hi Raghu, It got merged to master! ? https://github.com/syslog-ng/syslog-ng/pull/2930 Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> Sent: Wednesday, September 18, 2019 5:35 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. That's awesome. Thanks Raghu On Wed, Sep 18, 2019, 17:05 Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: To the other question: It will be merged on the master branch probably in a week. Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> Sent: Wednesday, September 18, 2019 1:28 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Raghu, You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696240437&sdata=M9xVXlbEAiGqeLtLx1DsoXM9Tviag8FZVNERp0Z6oBg%3D&reserved=0> Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Wednesday, September 18, 2019 12:50 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Atilla, I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time. Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package? Thanks Raghu On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: Hi Raghu, Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696240437&sdata=GvVjWOS9Yi%2FJZdl1pblLIOWdtSTJ2gpJkEJVpH37oBQ%3D&reserved=0> Can you build syslog-ng from source? It would be great, if you tested the PR. Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Tuesday, September 17, 2019 9:05 AM To: syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi, I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers. I observe that syslog-ng doesn't send SNI during TLS handshake. How can I enable it? My configuration is as follows: =================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696250438&sdata=KNtS9zpawll0eH6U8VyuBAcp2QHgLzY3S2FdtY5o90s%3D&reserved=0>" port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl") key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem") cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; =================================== I want syslog-ng to send XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696260431&sdata=5uJJlzHej7SoSTjS1Ov9n99bGQJGWIYfmL2%2FLJLWj1Q%3D&reserved=0> as SNI to my remote server Please advise Thanks Raghu ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696260431&sdata=KFw8wgQEfFdLo1EHd%2FHIMQlC6CpVJ1PdXaKL34Y9CnM%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696270436&sdata=M%2B74WHS6u07annIaxzoC1kdlvKmlD8oB5T5kqCDmUXc%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696280431&sdata=WZcQ9x7SUou61Z6k7lHTz%2BVT4jSd7zlenQWlAL%2BeXUk%3D&reserved=0> ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696290423&sdata=iZX6zp8xHcGevLcRiTOHRDb2SqDb7Y7ZhOhyRJ0j2K0%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696290423&sdata=OgaDRImuMz3AflHKLq8TCUWvBT1mjANwipDJVhYRxW0%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696300417&sdata=xqYD9GcHStDP4DWTNEyOSG8JHN%2BmExrd4agc8Gwlr5Y%3D&reserved=0>
Thanks. Now waiting for Debian package Raghu On Thu, Sep 26, 2019, 18:26 Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,
It got merged to master! 🙂 https://github.com/syslog-ng/syslog-ng/pull/2930
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Wednesday, September 18, 2019 5:35 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
That's awesome.
Thanks Raghu
On Wed, Sep 18, 2019, 17:05 Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
To the other question: It will be merged on the master branch probably in a week.
Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com> *Sent:* Wednesday, September 18, 2019 1:28 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi Raghu,
You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/ <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696240437&sdata=M9xVXlbEAiGqeLtLx1DsoXM9Tviag8FZVNERp0Z6oBg%3D&reserved=0>
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Wednesday, September 18, 2019 12:50 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi Atilla,
I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time.
Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package?
Thanks Raghu
On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,
Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930 <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696240437&sdata=GvVjWOS9Yi%2FJZdl1pblLIOWdtSTJ2gpJkEJVpH37oBQ%3D&reserved=0>
Can you build syslog-ng from source? It would be great, if you tested the PR.
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Tuesday, September 17, 2019 9:05 AM *To:* syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu> *Subject:* [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi,
I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers.
I observe that syslog-ng doesn't send SNI during TLS handshake.
How can I enable it?
My configuration is as follows:
=================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696250438&sdata=KNtS9zpawll0eH6U8VyuBAcp2QHgLzY3S2FdtY5o90s%3D&reserved=0> " port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl")
key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem")
cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; ===================================
I want syslog-ng to send XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696260431&sdata=5uJJlzHej7SoSTjS1Ov9n99bGQJGWIYfmL2%2FLJLWj1Q%3D&reserved=0> as SNI to my remote server
Please advise
Thanks Raghu
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696260431&sdata=KFw8wgQEfFdLo1EHd%2FHIMQlC6CpVJ1PdXaKL34Y9CnM%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696270436&sdata=M%2B74WHS6u07annIaxzoC1kdlvKmlD8oB5T5kqCDmUXc%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696280431&sdata=WZcQ9x7SUou61Z6k7lHTz%2BVT4jSd7zlenQWlAL%2BeXUk%3D&reserved=0>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696290423&sdata=iZX6zp8xHcGevLcRiTOHRDb2SqDb7Y7ZhOhyRJ0j2K0%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696290423&sdata=OgaDRImuMz3AflHKLq8TCUWvBT1mjANwipDJVhYRxW0%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cattila.szakacs%40oneidentity.com%7C2ca2704f03d1430252cb08d73c4deb58%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637044177696300417&sdata=xqYD9GcHStDP4DWTNEyOSG8JHN%2BmExrd4agc8Gwlr5Y%3D&reserved=0>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
If you would like to test before the upcoming release, you can create a deb package with our docker based package scripts: https://github.com/syslog-ng/syslog-ng/tree/master/dbld depending on your platform, it would be "dbld/rules deb" or "dbld/rules deb-ubuntu-xenial" Regards, Gabor ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> Sent: Thursday, September 26, 2019 15:30 To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Thanks. Now waiting for Debian package Raghu On Thu, Sep 26, 2019, 18:26 Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: Hi Raghu, It got merged to master! 🙂 https://github.com/syslog-ng/syslog-ng/pull/2930<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fsyslog-ng%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645449880&sdata=CYEi5latvJWnPQo7xYHa3klvdXiNVyXai5PhV51yVeI%3D&reserved=0> Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Wednesday, September 18, 2019 5:35 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. That's awesome. Thanks Raghu On Wed, Sep 18, 2019, 17:05 Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: To the other question: It will be merged on the master branch probably in a week. Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> Sent: Wednesday, September 18, 2019 1:28 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Raghu, You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645459869&sdata=krct3nD%2BVSMEQG00R0VJO2D1CeLqITAi8ZNTI7mV1a8%3D&reserved=0> Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Wednesday, September 18, 2019 12:50 PM To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi Atilla, I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time. Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package? Thanks Raghu On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com<mailto:Attila.Szakacs@oneidentity.com>> wrote: Hi Raghu, Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645459869&sdata=IlcWEnngIqkJFPjWvS7hrar4Tli4Kqgad5IdN7X5WVc%3D&reserved=0> Can you build syslog-ng from source? It would be great, if you tested the PR. Best regards, Attila ________________________________ From: syslog-ng <syslog-ng-bounces@lists.balabit.hu<mailto:syslog-ng-bounces@lists.balabit.hu>> on behalf of Raghunath Adhyapak <funduraghu@gmail.com<mailto:funduraghu@gmail.com>> Sent: Tuesday, September 17, 2019 9:05 AM To: syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu> <syslog-ng@lists.balabit.hu<mailto:syslog-ng@lists.balabit.hu>> Subject: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe. Hi, I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers. I observe that syslog-ng doesn't send SNI during TLS handshake. How can I enable it? My configuration is as follows: =================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645469860&sdata=RTiMaNycpB56zTGx2gmqeFESNI2QO3JvOvSXUyC2MRk%3D&reserved=0>" port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl") key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem") cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; =================================== I want syslog-ng to send XX.example.net<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645469860&sdata=RTiMaNycpB56zTGx2gmqeFESNI2QO3JvOvSXUyC2MRk%3D&reserved=0> as SNI to my remote server Please advise Thanks Raghu ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645479861&sdata=gHBU5J5tU99NDHJ4PwjtxlnS0jVp2Vxh%2BgAuiTsVKaE%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645479861&sdata=NmD0lHSiQw0DbM8voUKjVOFX2fSnDwhyqaZvA7%2BBmnA%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645489858&sdata=9VaEY4yqC3Y8y0gQZbVY6M0g%2F2rhXsfXRlw2%2Fwbik2s%3D&reserved=0> ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645489858&sdata=EWEYbbHYLIenlmGBceeB%2B0pLauNIABFmT0dt6%2F77TUs%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645499850&sdata=mVlgDpNt3RVoHdr7ESi2Im89VnA0W7NOjkQbB11V3LM%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645499850&sdata=mNe53MBvTKfpkm1a%2FS6rEvCtYPwO3Pfjca0jLyPNeqw%3D&reserved=0> ______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645509849&sdata=YUrhyXSF6MkgRfRsxlOWqsSBsedoNo8UPb292Y0vTps%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645509849&sdata=I2zhc1DPDcvLEShMr4v2V2MgtEZf72oDOvqx%2F607r%2BA%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq<https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645519834&sdata=eicWBDsPB4aguw98EKqegLs0ZBNcHmbifbm8lEFeKF0%3D&reserved=0>
I built from source and tested and it worked fine I need Deb package to ease install on my machines. I can wait for some more time. Raghu On Fri, Sep 27, 2019, 12:35 Gabor Nagy (gnagy) <Gabor.Nagy@oneidentity.com> wrote:
If you would like to test before the upcoming release, you can create a deb package with our docker based package scripts: https://github.com/syslog-ng/syslog-ng/tree/master/dbld
depending on your platform, it would be "dbld/rules deb" or "dbld/rules deb-ubuntu-xenial"
Regards, Gabor ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Thursday, September 26, 2019 15:30 *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Thanks. Now waiting for Debian package
Raghu
On Thu, Sep 26, 2019, 18:26 Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,
It got merged to master! 🙂 https://github.com/syslog-ng/syslog-ng/pull/2930 <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fsyslog-ng%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645449880&sdata=CYEi5latvJWnPQo7xYHa3klvdXiNVyXai5PhV51yVeI%3D&reserved=0>
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Wednesday, September 18, 2019 5:35 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
That's awesome.
Thanks Raghu
On Wed, Sep 18, 2019, 17:05 Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
To the other question: It will be merged on the master branch probably in a week.
Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Attila Szakacs (aszakacs) <Attila.Szakacs@oneidentity.com> *Sent:* Wednesday, September 18, 2019 1:28 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi Raghu,
You are welcome! Thanks for the good idea. If everything goes well, this feature will be released in version 3.24, in 3-4 weeks. The packaging happens at the same time, you will find the 3.24 installer at https://download.opensuse.org/repositories/home:/laszlo_budai:/syslog-ng/ <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdownload.opensuse.org%2Frepositories%2Fhome%3A%2Flaszlo_budai%3A%2Fsyslog-ng%2F&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645459869&sdata=krct3nD%2BVSMEQG00R0VJO2D1CeLqITAi8ZNTI7mV1a8%3D&reserved=0>
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Wednesday, September 18, 2019 12:50 PM *To:* Syslog-ng users' and developers' mailing list < syslog-ng@lists.balabit.hu> *Subject:* Re: [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi Atilla,
I updated the code, compiled it and tested the changes. The changes works as expected. Thanks for the addressing the issue in such a short time.
Follow-up question: When will this change get merged into the master branch? Also, when will this get packaged in Debian package?
Thanks Raghu
On Tue, Sep 17, 2019 at 4:27 PM Attila Szakacs (aszakacs) < Attila.Szakacs@oneidentity.com> wrote:
Hi Raghu,
Currently we are not sending SNI extension in the Client Hello message. However, I made a PR to implement this: https://github.com/balabit/syslog-ng/pull/2930 <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbalabit%2Fsyslog-ng%2Fpull%2F2930&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645459869&sdata=IlcWEnngIqkJFPjWvS7hrar4Tli4Kqgad5IdN7X5WVc%3D&reserved=0>
Can you build syslog-ng from source? It would be great, if you tested the PR.
Best regards, Attila ------------------------------ *From:* syslog-ng <syslog-ng-bounces@lists.balabit.hu> on behalf of Raghunath Adhyapak <funduraghu@gmail.com> *Sent:* Tuesday, September 17, 2019 9:05 AM *To:* syslog-ng@lists.balabit.hu <syslog-ng@lists.balabit.hu> *Subject:* [syslog-ng] Enable SNI (Server Name Identification) in TLS connection
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
Hi,
I am using TLS over TCP connection to forward my syslog events to a remote server. My remote server uses SNI (Server Name Identification) to route connections/events to one of the available backend servers.
I observe that syslog-ng doesn't send SNI during TLS handshake.
How can I enable it?
My configuration is as follows:
=================================== source s_net { syslog(transport(udp) port(1514)); }; destination d_tcp { tcp( "XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645469860&sdata=RTiMaNycpB56zTGx2gmqeFESNI2QO3JvOvSXUyC2MRk%3D&reserved=0> " port(96) tls( peer-verify(required-untrusted) ca_dir("/etc/syslog-ng/ssl")
key-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.key.pem")
cert-file("/etc/syslog-ng/ssl/globaltest/XX.example.net.cert.pem") ) ); }; log { source(s_net); destination(d_tcp); }; ===================================
I want syslog-ng to send XX.example.net <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2FXX.example.net&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645469860&sdata=RTiMaNycpB56zTGx2gmqeFESNI2QO3JvOvSXUyC2MRk%3D&reserved=0> as SNI to my remote server
Please advise
Thanks Raghu
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645479861&sdata=gHBU5J5tU99NDHJ4PwjtxlnS0jVp2Vxh%2BgAuiTsVKaE%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645479861&sdata=NmD0lHSiQw0DbM8voUKjVOFX2fSnDwhyqaZvA7%2BBmnA%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645489858&sdata=9VaEY4yqC3Y8y0gQZbVY6M0g%2F2rhXsfXRlw2%2Fwbik2s%3D&reserved=0>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645489858&sdata=EWEYbbHYLIenlmGBceeB%2B0pLauNIABFmT0dt6%2F77TUs%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645499850&sdata=mVlgDpNt3RVoHdr7ESi2Im89VnA0W7NOjkQbB11V3LM%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645499850&sdata=mNe53MBvTKfpkm1a%2FS6rEvCtYPwO3Pfjca0jLyPNeqw%3D&reserved=0>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.balabit.hu%2Fmailman%2Flistinfo%2Fsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645509849&sdata=YUrhyXSF6MkgRfRsxlOWqsSBsedoNo8UPb292Y0vTps%3D&reserved=0> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fsupport%2Fdocumentation%2F%3Fproduct%3Dsyslog-ng&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645509849&sdata=I2zhc1DPDcvLEShMr4v2V2MgtEZf72oDOvqx%2F607r%2BA%3D&reserved=0> FAQ: http://www.balabit.com/wiki/syslog-ng-faq <https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.balabit.com%2Fwiki%2Fsyslog-ng-faq&data=02%7C01%7Cgabor.nagy%40oneidentity.com%7Cfb559bbffddf430b07d408d74285c639%7C91c369b51c9e439c989c1867ec606603%7C0%7C0%7C637051014645519834&sdata=eicWBDsPB4aguw98EKqegLs0ZBNcHmbifbm8lEFeKF0%3D&reserved=0>
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (3)
-
Attila Szakacs (aszakacs)
-
Gabor Nagy (gnagy)
-
Raghunath Adhyapak