OK, thx, I'll check into gnutls. On 12/9/09 1:59 AM, Rainer Gerhards wrote: >> -----Original Message----- >> From: [email protected] [mailto:rsyslog- >> [email protected]] On Behalf Of Rory Toma >> Sent: Tuesday, December 08, 2009 11:10 PM >> To: rsyslog-users >> Subject: Re: [rsyslog] Help with client config >> >> And, actually, this only happens some of the time, where some of the >> time means never on my dev systems and always on remote ones that I >> can't easily debug. 8-) >> > Now you feel a bit like me ;) > > >> >> Rory Toma wrote: >> >>> It works just fine without tls. I do not know much about tls, is >>> >> there a >> >>> default size somewhere that I can swizzle? >>> > TLS is a stream cipher, so it needs some minimal block size to be secure. > However, that minimum is pretty low. Rsyslog does not do any batching by > itself for outbound connections. But it could be that GnuTLS can be tweaked > one way or the other. I'd look into that direction. > > Rainer > > >>> Rainer Gerhards wrote: >>> >>> >>>> Can 1 be a tls (lib) artifact? Can you try with plain tcp? >>>> >>>> ----- Ursprüngliche Nachricht ----- >>>> Von: "Rory Toma"<[email protected]> >>>> An: "rsyslog-users"<[email protected]> >>>> Gesendet: 08.12.09 20:39 >>>> Betreff: [rsyslog] Help with client config >>>> >>>> I have a client config as follows, running on armv4, rsyslog 4.4.2 >>>> >> (I >> >>>> can't get anything newer to compile due to the atomic kernel support >>>> >> not >> >>>> wanting to compile) The problem I'm having is: >>>> >>>> 1) (this is probably an rtfm, but I'll ask it anyway) It seems that >>>> >> my >> >>>> logs being sent over the network are being batched up in huge >>>> >> packets, I >> >>>> see one transaction for a bunch of data. Sometimes this means my >>>> >> logs >> >>>> are delayed quite a bit. >>>> >>>> 2) Sometimes, the client just doesn't send out over the network at >>>> >> all >> >>>> (verified with a tcpdump), but continues logging. >>>> >>>> Any suggestions or config file tweaks welcome. >>>> >>>> thx >>>> >>>> Here is my config: >>>> >>>> $DefaultNetStreamDriverCAFile /etc/ca.pem >>>> >>>> $DefaultNetStreamDriver gtls >>>> $ActionSendStreamDriverMode 1 >>>> $ActionSendStreamDriverAuthMode anon >>>> >>>> $WorkDirectory /var/log >>>> >>>> $ActionQueueType LinkedList >>>> $ActionQueueFileName rsyslog-fwd >>>> $ActionResumeRetryCount -1 >>>> $ActionQueueSaveOnShutdown on >>>> $ActionQueueMaxDiskSpace 256k >>>> >>>> $ModLoad imuxsock >>>> $SystemLogSocketName /var/log/log >>>> $OptimizeForUniprocessor on >>>> >>>> $outchannel >>>> >> locallog,/var/log/locallog,262144,/usr/bin/rotate_locallog >> >>>> *.* @@foo.bar.com:80 >>>> *.* $locallog >>>> >>>> _______________________________________________ >>>> rsyslog mailing list >>>> http://lists.adiscon.net/mailman/listinfo/rsyslog >>>> http://www.rsyslog.com >>>> _______________________________________________ >>>> rsyslog mailing list >>>> http://lists.adiscon.net/mailman/listinfo/rsyslog >>>> http://www.rsyslog.com >>>> >>>> >>>> >>> _______________________________________________ >>> rsyslog mailing list >>> http://lists.adiscon.net/mailman/listinfo/rsyslog >>> http://www.rsyslog.com >>> >>> >> _______________________________________________ >> rsyslog mailing list >> http://lists.adiscon.net/mailman/listinfo/rsyslog >> http://www.rsyslog.com >> > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com >
_______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
