Syslog over TLS

Started by erickufrin, April 19, 2018, 01:48:06 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 19, 2018, 01:48:06 PM Last Edit: April 19, 2018, 01:55:35 PM by erickufrin
Is it possible to configure TLS for syslog? Is anything special needed beyond just defining the TLS port number for my syslog target? want to secure that traffic.
April 19, 2018, 02:02:11 PM #1
And do authentication for that matter?

That's one of my reoccurring nightmares: A compromised / spoofed syslog sink that gives adversaries real time feedback on their moves.
April 20, 2018, 01:37:15 PM #2
FreeBSD's syslog doesn't support TCP... which means we can't do TLS as well.

I have imported syslog-ng into the development version a few months ago intending to work on using that for syslog export, which would allow TCP and TLS.

Other things got in the way since, but it's still planned for 18.7.


Cheers,
Franco
April 20, 2018, 10:15:07 PM #3
Excellent. thank you for working on/towards this. I will watch for it in 18.7.
April 22, 2019, 07:41:12 AM #4
What is the status of this?  Was it added?  I looked in the logging section of the GUI but found no mention of TLS as an option.
April 22, 2019, 12:31:00 PM #5
We do not have any contributor's time allocated for this still.


Cheers,
Franco
Print
Go Up Pages1
User actions