Hello, We are experienceingd an issue when using the Rsyslog imptcp module, data is received in the daemon (confirmed using debug mode) but the messages not added to the log file /var/log/messages. This is a followup from an earlier thread on 10/16, based on feedback from DLang we have fixed the rsyslog.conf to remove legacy syntax for listeners and also tested in debug mode to confirm data is received.
Background: The RSyslog configuration requirement is listening on three ports - UDP 514, TCP/TLS on 6514, and plain TCP on port 601. Rsyslog.conf is attached. We have verified the ports are all open and reachable (Netstat -tunlp shows listeners, verified firewall settings w/ firewall-cmd -list-ports and with semanage port -l). Questions: 1. Its my understanding when configuring TLS with imtcp module that imptcp should be used to provide a plain unencrypted TCP listener; is there a better alternative, or any specific guidelines for this scenario ? 2. With imptcp in place, is there some extra configuration needed to cause these incoming events to be written to the log file (/var/log/messages) ? Thank you, Glenn w. ---------------------------------------------------------------------- This message is intended only for the person(s) to which it is addressed and may contain privileged, confidential and/or insider information. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Any disclosure, copying, distribution, or the taking of any action concerning the contents of this message and any attachment(s) by anyone other than the named recipient(s) is strictly prohibited.
rsyslog.conf
Description: rsyslog.conf
_______________________________________________ rsyslog mailing list https://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
