Added new Loggly TLS config

sendgridlabs · ebr · Jul 6, 2017 · Jul 6, 2017 · Jul 6, 2017 · Jul 6, 2017
commit e326cc2a0810184537e3b61c772c3acfbdcea9b9
diff --git a/rsyslog.conf b/rsyslog.conf
@@ -8,7 +8,9 @@ $ModLoad imtcp         # provides TCP syslog reception
 $ModLoad omstdout.so       # provide messages to stdout
 
 # Loggly template format
-$template LogglyFormat,"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [LOGGLY_AUTH_TOKEN@41058 tag=\"LOGGLY_TAG\"] %msg%\n"
+template(name="LogglyFormat" type="string"
+string="<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [LOGGLY_AUTH_TOKEN@41058 tag=\"LOGGLY_TAG\"] %msg%\n"
+)
 
 # Setup disk assisted queues. An on-disk queue is created for this action.
 # If the remote host is down, messages are spooled to disk and sent when
@@ -26,9 +28,11 @@ $ActionSendStreamDriver gtls
 $ActionSendStreamDriverMode 1
 $ActionSendStreamDriverAuthMode x509/name
 $ActionSendStreamDriverPermittedPeer *.loggly.com
+$MaxMessageSize 64k
+
+# Send messages to Loggly over TCP using the template.
+action(type="omfwd" protocol="tcp" target="logs-01.loggly.com" port="6514" template="LogglyFormat" StreamDriver="gtls" StreamDriverMode="1" StreamDriverAuthMode="x509/name" StreamDriverPermittedPeers="*.loggly.com")
 
-# Send everything to Loggly over TLS
-*.* @@logs-01.loggly.com:6514;LogglyFormat
 
 # TCP Syslog Server
 $InputTCPServerRun 514 # start a TCP syslog server at standard port 514