OPNsense Forum

English Forums => General Discussion => Topic started by: erickufrin on April 19, 2018, 01:48:06 pm

Title: Syslog over TLS
Post by: erickufrin on April 19, 2018, 01:48:06 pm

Is it possible to configure TLS for syslog? Is anything special needed beyond just defining the TLS port number for my syslog target? want to secure that traffic.

Title: Re: Syslog over TLS
Post by: Alphakilo on April 19, 2018, 02:02:11 pm

And do authentication for that matter?

That's one of my reoccurring nightmares: A compromised / spoofed syslog sink that gives adversaries real time feedback on their moves.

Title: Re: Syslog over TLS
Post by: franco on April 20, 2018, 01:37:15 pm

FreeBSD's syslog doesn't support TCP... which means we can't do TLS as well.

I have imported syslog-ng into the development version a few months ago intending to work on using that for syslog export, which would allow TCP and TLS.

Other things got in the way since, but it's still planned for 18.7.


Cheers,
Franco

Title: Re: Syslog over TLS
Post by: erickufrin on April 20, 2018, 10:15:07 pm

Excellent. thank you for working on/towards this. I will watch for it in 18.7.

Title: Re: Syslog over TLS
Post by: kapara on April 22, 2019, 07:41:12 am

What is the status of this?  Was it added?  I looked in the logging section of the GUI but found no mention of TLS as an option.

Title: Re: Syslog over TLS
Post by: franco on April 22, 2019, 12:31:00 pm

We do not have any contributor's time allocated for this still.


Cheers,
Franco