Use this documentation with care! It describes the heavily outdated version 5, which was actively developed around 2010 and is considered dead by the rsyslog team for many years now.

This documentation reflects the latest update of the previously existing (now removed) v5-stable branch. It describes the 5.10.2 version, which was never released. As such, it contains some content that does not apply to any released version.

To obtain the doc that properly matches your installed v5 version, obtain the doc set from your distro. Each version of rsyslog contained the version that exactly matches it.

As general advise, it is strongly suggested to upgrade to the current version supported by the rsyslog project. The current version can always be found on the right-hand side info box on the rsyslog web site.

Note that there is no rsyslog community support available for this heavily outdated version. If you need to stick with it, please ask your distribution for support.

imgssapi: GSSAPI Syslog Input Module

Provides the ability to receive syslog messages from the network protected via Kerberos 5 encryption and authentication. This module also accept plain tcp syslog messages on the same port if configured to do so. If you need just plain tcp, use imtcp instead.

Note: This is a contributed module, which is not supported by the rsyslog team. We recommend to use RFC5425 TLS-protected syslog instead.

Author:varmojfekoj

Configuration Directives

$InputGSSServerRun <port>

Starts a GSSAPI server on selected port - note that this runs independently from the TCP server.

$InputGSSServerServiceName <name>

The service name to use for the GSS server.

$InputGSSServerPermitPlainTCP on|off

Permits the server to receive plain tcp syslog (without GSS) on the same port

$InputGSSServerMaxSessions <number>

Sets the maximum number of sessions supported

Caveats/Known Bugs

  • module always binds to all interfaces
  • only a single listener can be bound

Example

This sets up a GSS server on port 1514 that also permits to receive plain tcp syslog messages (on the same port):

$ModLoad imgssapi # needs to be done just once
$InputGSSServerRun 1514
$InputGSSServerPermitPlainTCP on