Created
April 2, 2020 13:23
-
-
Save lordcirth/f1bb27cae46d9b7afb9cb703e0183fe9 to your computer and use it in GitHub Desktop.
syslog-ng
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@version: 3.13 | |
# DO NOT EDIT THIS FILE BY HAND - YOUR CHANGES WILL BE OVERWRITTEN | |
# Managed by Salt | |
# https://syslog-ng.com/documents/html/syslog-ng-ose-3.5-guides/en/syslog-ng-ose-guide-admin/html/configure-clients.html | |
# Except: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788170#10 | |
options { | |
# Default is 60 seconds | |
time-reopen(5); | |
}; | |
source s_salt { | |
file("/var/log/salt/minion"); | |
file("/var/log/salt/master"); | |
}; | |
# Declare destination endpoint | |
# https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.19/administration-guide/47#TOPIC-1094641 | |
destination d_network { | |
syslog( | |
"dc-3558-logging.cscf.uwaterloo.ca" | |
#port(6514) | |
transport("tls") | |
tls( | |
peer-verify(required-trusted) | |
# https://www.nineproductions.com/syslog-ng-with-tls-setup-for-centralized-logging/ | |
ca_dir("/etc/syslog-ng/ca.d") | |
) | |
); | |
}; | |
# Connect default logs s_local to remote endpoint | |
# Docs say s_local, but Ubuntu conf uses s_src | |
log { | |
source (s_src); source (s_salt); destination(d_network); | |
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@version: 3.13 | |
# DO NOT EDIT THIS FILE BY HAND - YOUR CHANGES WILL BE OVERWRITTEN | |
# Managed by Salt | |
# https://syslog-ng.com/documents/html/syslog-ng-ose-3.5-guides/en/syslog-ng-ose-guide-admin/html/configure-servers.html | |
# Global options | |
# keep-hostname means we use whatever hostname the client said it was | |
options { keep-hostname(yes); }; | |
# https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.19/administration-guide/17 | |
source s_network { | |
default-network-drivers( | |
transport("tls") | |
tls( | |
cert-file("/etc/syslog-ng/cert.d/cert.pem") | |
key-file("/etc/syslog-ng/key.d/privkey.pem") | |
#ca_dir("/etc/syslog-ng/ca.d") | |
# Do not require client cert | |
peer_verify(no) | |
) | |
); | |
}; | |
destination d_graylog { | |
syslog( | |
"127.0.0.1" | |
port(5140) | |
); | |
}; | |
# Connect the two | |
log { | |
source(s_network); destination(d_graylog); | |
}; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment