[SOLVED] Logging Target - Remote rsyslog over TLS?

[mike8971267]

Hello,

Is there a tutorial or wiki somewhere that can help me setup opnsense to send logs to a remote rsyslog server that requires TLS?

I have this working on several other machines using the following tutorial: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_configuring-a-remote-logging-solution_security-hardening

My typical client config inside /etc/rsyslog.d looks something like:

Code: [Select]

global(
DefaultNetstreamDriver="gtls"
DefaultNetstreamDriverCAFile="/usr/local/share/ca-certificates/BLA.crt"
DefaultNetstreamDriverCertFile="/etc/ssl/mike/bla.chain.pem"
DefaultNetstreamDriverKeyFile="/etc/ssl/mike/bla.key.pem"
)
I've also gotten this to work with syslog-ng as a client, but I don't have access to that config at the moment.

[mike8971267]

Update: All I had to do was wait for 22.7 to come out. It has extra TLS options right in Logging -> Remote Targets.