I would suggest making the information from the cert available as if it
were structured data in the log in 6.3+; that way it can be used for filters
(or logged) as desired.
Having the ability to create a single tag that contains a bunch of info
without significantly polluting the namespace or having to hard-code
property names is a _really_ powerful feature.
David Lang
On Fri, 8 Jun 2012, Rainer Gerhards wrote:
-----Original Message-----
From: [email protected] [mailto:rsyslog-
[email protected]] On Behalf Of [email protected]
Sent: Friday, June 08, 2012 9:37 AM
To: rsyslog-users
Subject: [rsyslog] filter incoming logs by client TLS cert?
Hello,
is there a way to filter incoming logs by a unique property of a TLS
certificate?
Sorry - interesting, but currently not possible.
Something along the lines of:
----
Client certificate:
Subject: C=LT,O=smt,L=Vilnius,ST=Lietuva,CN=server1.servers.local
Central logging server config:
$InputTCPServerStreamDriverAuthMode x509/name
$InputTCPServerStreamDriverPermittedPeer server1.servers.local
$InputTCPServerStreamDriverMode 1
if tls_client_cn='server1.servers.local' then
/logs/server1.servers.local/logfile
----
?
I'm searching how to authenticate a client.
This is done automatically. No peer other than server1.servers.local can
connect with above config...
Rainer
Thank you,
IgnasR
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards