[syslog-ng] Syslog-ng client through a load balancer with SSL/TLS encryption
Scheidler, Balázs
balazs.scheidler at balabit.com
Thu Aug 18 18:23:08 CEST 2016
syslog-ng at least in its open source incarnation does not support load
balancing. the premium edition team has a feature that does fail-over to a
list of servers, but that is yet to be ported over to the OSE version, even
though the code is available.
Here's the general description on how that works:
https://www.balabit.com/documents/syslog-ng-pe-latest-guides/en/syslog-ng-pe-guide-admin/html/concepts-failover.html
This is how it can be configured in Premium Edition:
https://www.balabit.com/documents/syslog-ng-pe-latest-guides/en/syslog-ng-pe-guide-admin/html/reference-destination-network-chapter.html
On the open source side, it'd be great to have these features integrated to
the open source tree, and it is something that Balabit is working on, but
it's still time until those can be fully merged.
With all this being said, you either have the option to approach Balabit
with this request and continue the commercial route, OR help us porting the
code in question OR you can wait until we get there. I can help with any of
these :)
Cheers,
Bazsi
--
Bazsi
On Fri, Aug 12, 2016 at 12:07 AM, Lupo, Joseph <Joseph.Lupo at t-mobile.com>
wrote:
> I am trying to setup Syslog-ng to relay messages from one syslog server to
> another with a load balancer in between. I am also using TLS encryption.
> The issue I’m having right now is that when the client intiates the
> connection, it seems to lock on to a particular back end syslog server and
> send all of its messages there instead of switching off to another one. On
> its own this isn’t a big problem except that if that system goes down, the
> client doesn’t seem to be aware. I also haven’t found a good way to force
> syslog-ng to close and re-establish its connections without fully shutting
> down the relay system. We currently have no persistence setup on the load
> balancer.
>
>
>
> Is there a way to tell the relay server to periodically reconnect? Maybe
> send a certain amount of messages or data before reconnecting so that the
> data is balanced across the backend syslog-ng servers? Also, is there a
> better way to have the relay system learn about the remote server going
> offline so it can immediately reset its connection?
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20160818/d09f22b7/attachment.htm
More information about the syslog-ng
mailing list