Hello,
Is there a tutorial or wiki somewhere that can help me setup opnsense to send logs to a remote rsyslog server that requires TLS?
I have this working on several other machines using the following tutorial: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_configuring-a-remote-logging-solution_security-hardening
My typical client config inside /etc/rsyslog.d looks something like:
global(
DefaultNetstreamDriver="gtls"
DefaultNetstreamDriverCAFile="/usr/local/share/ca-certificates/BLA.crt"
DefaultNetstreamDriverCertFile="/etc/ssl/mike/bla.chain.pem"
DefaultNetstreamDriverKeyFile="/etc/ssl/mike/bla.key.pem"
)
I've also gotten this to work with syslog-ng as a client, but I don't have access to that config at the moment.
Update: All I had to do was wait for 22.7 to come out. It has extra TLS options right in Logging -> Remote Targets.