On 2012.06.08 13:30, Rainer Gerhards wrote:
>
>
>> -----Original Message-----
>> From: [email protected] [mailto:rsyslog-
>> [email protected]] On Behalf Of [email protected]
>> Sent: Friday, June 08, 2012 9:37 AM
>> To: rsyslog-users
>> Subject: [rsyslog] filter incoming logs by client TLS cert?
>>
>> Hello,
>>
>> is there a way to filter incoming logs by a unique property of a TLS
>> certificate?
>
> Sorry - interesting, but currently not possible.

Ok.

>>
>> Something along the lines of:
>>
>> ----
>> Client certificate:
>> Subject: C=LT,O=smt,L=Vilnius,ST=Lietuva,CN=server1.servers.local
>>
>> Central logging server config:
>> $InputTCPServerStreamDriverAuthMode x509/name
>> $InputTCPServerStreamDriverPermittedPeer server1.servers.local
>> $InputTCPServerStreamDriverMode 1
>>
>> if tls_client_cn='server1.servers.local' then
>> /logs/server1.servers.local/logfile
>> ----
>>
>> ?
>>
>> I'm searching how to authenticate a client.
>>
> This is done automatically. No peer other than server1.servers.local can
> connect with above config...

Yes, but if there are more permitted peers, there is no way of distinguishing between them.

So, if I understand correctly, TLS certificates are good for two things:
- encryption on-the-wire
- server authentication

Thank you.
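The routing the question asks for, sketched outside rsyslog as an added example (not from the thread and not rsyslog functionality): a Python TLS receiver that has already verified the client certificate picks the log file from the certificate's CN. `PERMITTED_PEERS`, `LOG_ROOT` and the function names are assumptions, and the sample certificate is constructed from the Subject in the post.

```python
import re
from pathlib import PurePosixPath

# Assumed allow-list, playing the role of several
# $InputTCPServerStreamDriverPermittedPeer entries.
PERMITTED_PEERS = {"server1.servers.local", "server2.servers.local"}
LOG_ROOT = PurePosixPath("/logs")

# One DNS label; checked so a CN can never contribute "/" or ".." to a path.
LABEL_RE = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")


def peer_common_name(peercert):
    """Return the subject CN from an ssl.SSLSocket.getpeercert() dict.

    The dict is empty if the certificate was not validated, so use
    verify_mode = ssl.CERT_REQUIRED. Returns None unless exactly one CN exists.
    """
    cns = [value
           for rdn in peercert.get("subject", ())
           for key, value in rdn
           if key == "commonName"]
    return cns[0].lower() if len(cns) == 1 else None


def logfile_for_peer(peercert):
    """Map an authenticated peer to its own log file, or None to reject."""
    cn = peer_common_name(peercert)
    if cn is None or cn not in PERMITTED_PEERS:
        return None
    if not all(LABEL_RE.fullmatch(label) for label in cn.split(".")):
        return None
    return str(LOG_ROOT / cn / "logfile")


def sample_cert(*cns):
    """Constructed sample in getpeercert() layout, using the Subject from the post."""
    subject = [(("countryName", "LT"),), (("organizationName", "smt"),),
               (("localityName", "Vilnius"),), (("stateOrProvinceName", "Lietuva"),)]
    subject += [(("commonName", cn),) for cn in cns]
    return {"subject": tuple(subject)}


if __name__ == "__main__":
    for cert in (sample_cert("server1.servers.local"), sample_cert("rogue.servers.local"), {}):
        print(logfile_for_peer(cert))
```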

