imgssapi: GSSAPI Syslog Input Module¶
| Module Name: | imgssapi |
| Author: | varmojfekoj |
Purpose¶
Provides the ability to receive syslog messages from the network protected via Kerberos 5 encryption and authentication. This module also accept plain tcp syslog messages on the same port if configured to do so. If you need just plain tcp, use imtcp instead.
Note: This is a contributed module, which is not supported by the rsyslog team. We recommend to use RFC5425 TLS-protected syslog instead.
Configuration Parameters¶
Note
Parameter names are case-insensitive.
Input Parameter¶
Note
Parameter are only available in Legacy Format.
InputGSSServerRun¶
| type | default | mandatory | obsolete legacy directive |
|---|---|---|---|
| word | none | no | $InputGSSServerRun |
Starts a GSSAPI server on selected port - note that this runs independently from the TCP server.
InputGSSServerServiceName¶
| type | default | mandatory | obsolete legacy directive |
|---|---|---|---|
| word | none | no | $InputGSSServerServiceName |
The service name to use for the GSS server.
InputGSSServerPermitPlainTCP¶
| type | default | mandatory | obsolete legacy directive |
|---|---|---|---|
| binary | 0 | no | $InputGSSServerPermitPlainTCP |
Permits the server to receive plain tcp syslog (without GSS) on the same port.
InputGSSServerMaxSessions¶
| type | default | mandatory | obsolete legacy directive |
|---|---|---|---|
| integer | 200 | no | $InputGSSServerMaxSessions |
Sets the maximum number of sessions supported.
InputGSSServerKeepAlive¶
| type | default | mandatory | obsolete legacy directive |
|---|---|---|---|
| binary | 0 | no | $InputGSSServerKeepAlive |
New in version 8.5.0.
Enables or disable keep-alive handling.
InputGSSListenPortFileName¶
| type | default | mandatory | obsolete legacy directive |
|---|---|---|---|
| word | none | no | $InputGSSListenPortFileName |
New in version 8.38.0.
With this parameter you can specify the name for a file. In this file the port, imtcp is connected to, will be written. This parameter was introduced because the testbench works with dynamic ports.
Note
If this parameter is set, 0 will be accepted as the port. Otherwise it is automatically changed to port 514
Caveats/Known Bugs¶
- module always binds to all interfaces
- only a single listener can be bound
Example¶
This sets up a GSS server on port 1514 that also permits to receive plain tcp syslog messages (on the same port):
$ModLoad imgssapi # needs to be done just once
$InputGSSServerRun 1514
$InputGSSServerPermitPlainTCP on
See also
Help with configuring/using Rsyslog:
- Mailing list - best route for general questions
- GitHub: rsyslog source project - detailed questions, reporting issues
that are believed to be bugs with
Rsyslog - Stack Exchange (View, Ask) - experimental support from rsyslog community
See also
Contributing to Rsyslog:
- Source project: rsyslog project README.
- Documentation: rsyslog-doc project README