Re: [rsyslog] IETF template?
unfortunantly the first of the two images didn't come through for me, can you try again? David Lang On Wed, 27 Jun 2018, Delon Lee Di Lun wrote: Date: Wed, 27 Jun 2018 17:24:37 +0800 From: Delon Lee Di Lun To: David Lang Cc: Delon Lee Di Lun via rsyslog , Rainer Gerhards Subject: Re: [rsyslog] IETF template? Hi, Is it suppose to be like this? [image: image.png] In the definition, is the entire "SYSLOG-MSG" in the "Message" field above? [image: image.png] Yours Sincerely, Delon Lee On Mon, 25 Jun 2018, 10:15 David Lang, wrote: what do you mean "does not change the acutal packagesent"? change it from what? Rsyslog_SyslogProtocol23Format is what RFC-5424 was based on, so they should match (and any differences are unknown bugs) I agree, we should create an alias that makes it much more obvious that this is the new standard format. David Lang On Sun, 24 Jun 2018, Delon Lee Di Lun via rsyslog wrote: Date: Sun, 24 Jun 2018 21:34:15 +0800 From: Delon Lee Di Lun via rsyslog To: Rainer Gerhards Cc: Delon Lee Di Lun , rsyslog-users Subject: Re: [rsyslog] IETF template? But it does not change the actual packet being sent? On Fri, 22 Jun 2018, 21:42 Rainer Gerhards, wrote: 2018-06-22 15:27 GMT+02:00 Delon Lee Di Lun via rsyslog : Hi All, I have set my output template as RSYSLOG_SyslogProtocol23Format is this the RFC 5424? yes - we used rsyslog when crafting RFC5424, and the template name is historically based on the draft ID. We should probably add an alias... Rainer I tcpdump my traffic and it seems like the syslog packet is the same. is it suppose to be? Yours Sincerely, Delon Lee ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
[rsyslog] Experiences with Rsyslog with TLS
Am interested in experiences with running rsyslog as TLS sender/receiver. What rsyslog version (GnuTLS version) do you run? How many clients? What type of devices the clients are? What message and data rate? What auth method? Any issues do/did you face? Forwarding via Internet (to external IP) or via VPN or in LAN? -- Peter ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
Re: [rsyslog] IETF template?
Hi, Is it suppose to be like this? [image: image.png] In the definition, is the entire "SYSLOG-MSG" in the "Message" field above? [image: image.png] Yours Sincerely, Delon Lee On Mon, 25 Jun 2018, 10:15 David Lang, wrote: > what do you mean "does not change the acutal packagesent"? > > change it from what? > > Rsyslog_SyslogProtocol23Format is what RFC-5424 was based on, so they > should > match (and any differences are unknown bugs) > > I agree, we should create an alias that makes it much more obvious that > this is > the new standard format. > > David Lang > > On Sun, 24 Jun 2018, Delon Lee Di Lun via rsyslog wrote: > > > Date: Sun, 24 Jun 2018 21:34:15 +0800 > > From: Delon Lee Di Lun via rsyslog > > To: Rainer Gerhards > > Cc: Delon Lee Di Lun , > > rsyslog-users > > Subject: Re: [rsyslog] IETF template? > > > > But it does not change the actual packet being sent? > > > > On Fri, 22 Jun 2018, 21:42 Rainer Gerhards, > > wrote: > > > >> 2018-06-22 15:27 GMT+02:00 Delon Lee Di Lun via rsyslog > >> : > >>> Hi All, > >>> > >>> I have set my output template as RSYSLOG_SyslogProtocol23Format is this > >> the > >>> RFC 5424? > >> > >> yes - we used rsyslog when crafting RFC5424, and the template name is > >> historically based on the draft ID. We should probably add an alias... > >> > >> Rainer > >>> > >>> I tcpdump my traffic and it seems like the syslog packet is the same. > is > >> it > >>> suppose to be? > >>> > >>> Yours Sincerely, > >>> Delon Lee > >>> > >>> ___ > >>> rsyslog mailing list > >>> http://lists.adiscon.net/mailman/listinfo/rsyslog > >>> http://www.rsyslog.com/professional-services/ > >>> What's up with rsyslog? Follow https://twitter.com/rgerhards > >>> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a > myriad > >> of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > >> DON'T LIKE THAT. > >> > > ___ > > rsyslog mailing list > > http://lists.adiscon.net/mailman/listinfo/rsyslog > > http://www.rsyslog.com/professional-services/ > > What's up with rsyslog? Follow https://twitter.com/rgerhards > > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad > of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you > DON'T LIKE THAT. > > > ___ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.