Deployment Guide
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/ssl/7signal/7signal-syslog-ca.pem
$DefaultNetstreamDriverCertFile /etc/ssl/7signal/7signal-syslog-server-cert.pem
$DefaultNetstreamDriverKeyFile /etc/ssl/7signal/private/7signal-syslog-server-key.pem
$InputTCPServerStreamDriverAuthMode x509/name
$InputTCPServerStreamDriverPermittedPeer Eye
$InputTCPServerStreamDriverMode 1
$InputTCPServerRun 10514
$template EyeMessages,"/var/log/EyeLogs"
if $source != 'localhost' then ?EyeMessages
& stop
The configuration above:
● Enables remote TLS syslogs for “Eye” peers
● Uses custom TCP port 10514
● Configures authentication
● Redirects log entries from Eyes to /var/log/EyeLogs
If SELinux is enabled and a custom port (not 6514 or 601) is wanted to be used:
Install policycoreutils:
$ sudo yum install policycoreutils-python
Configure the custom port:
7signal Solutions Inc., 6155 Rockside Road, Suite 110, Independence, Ohio 44131, USA,
216-777-2900, info@7signal.com, www.7signal.com