[rsyslog-notify] Forum Thread: Re: Configuring rsyslog for RFC 3195 syslog - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Thu Sep 25 17:20:18 CEST 2014
User: jdrizzle
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24956#p24956
Message:
----------
I am running rsyslog-7.6.5-9.el5.centos with the following configuration:
$ModLoad im3195 $Input3195ListenPort 601
module(load="imudp")
module(load="omudpspoof")
module(load="imtcp" MaxSessions="500")
input(type="imudp" port="514" rcvbufSize="256m")
input(type="imtcp" port="514" rcvbufSize="256m")
I could not find any documentation of the new config format for the im3195
module. After restarting rsyslog, I do not see TCP 601 open and listening.
I saw someone mention that the module is no longer available with newer
versions of rsyslog. Is this true?
Also, Fortinet security appliances (Fortigate UTM's) only support syslog
over TCP via RFC 3195 format. We are a large Fortigate shop and have the
mandate to migrate from syslog over UDP to syslog over TCP.
Thanks
More information about the rsyslog-notify
mailing list