Merge pull request #17 from ebr/tls

Use only TLS when sending to Loggly
sendgridlabs · Oct 1, 2015 · 6d2bf84 · 6d2bf84
2 parents 9d9dd83 + 6c6b963
commit 6d2bf84
Showing 1 changed file with 9 additions and 8 deletions.
diff --git a/rsyslog.conf b/rsyslog.conf
@@ -8,9 +8,6 @@ $ModLoad omstdout.so       # provide messages to stdout
 # Loggly template format
 $template LogglyFormat,"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [LOGGLY_AUTH_TOKEN@41058 tag=\"LOGGLY_TAG\"] %msg%\n"
 
-# Send everything to Loggly
-*.* @@logs-01.loggly.com:514;LogglyFormat
-
 # Setup disk assisted queues. An on-disk queue is created for this action.
 # If the remote host is down, messages are spooled to disk and sent when
 # it is up again.
@@ -21,16 +18,20 @@ $ActionQueueSaveOnShutdown on     # save messages to disk on shutdown
 $ActionQueueType LinkedList       # run asynchronously
 $ActionResumeRetryCount -1        # infinite retries if host is down
 
-# TCP + SSL/TLS Syslog Server
-$ModLoad imtcp         # provides TCP syslog reception
-$ActionSendStreamDriver gtls
+#RsyslogGnuTLS
 $DefaultNetstreamDriverCAFile /etc/rsyslog.d/keys/ca.d/loggly.crt
+$ActionSendStreamDriver gtls
+$ActionSendStreamDriverMode 1
 $ActionSendStreamDriverAuthMode x509/name
 $ActionSendStreamDriverPermittedPeer *.loggly.com
-$ActionSendStreamDriverMode 1
+
+# Send everything to Loggly over TLS
+*.* @@logs-01.loggly.com:6514;LogglyFormat
+
+# TCP Syslog Server
+$ModLoad imtcp         # provides TCP syslog reception
 $InputTCPServerRun 514 # start a TCP syslog server at standard port 514
 
 # UDP Syslog Server
 $ModLoad imudp         # provides UDP syslog reception
 $UDPServerRun 514      # start a UDP syslog server at standard port 514
-