omrelp: RELP Output Module¶
Module Name: |
omrelp |
Author: |
Purpose¶
This module supports sending syslog messages over the reliable RELP protocol. For RELP’s advantages over plain tcp syslog, please see the documentation for imrelp (the server counterpart).
Setup
Please note that librelp is required for imrelp (it provides the core relp protocol implementation).
Configuration Parameters¶
Note
Parameter names are case-insensitive; camelCase is recommended for readability.
Module Parameters¶
Parameter |
Summary |
|---|---|
Specifies which TLS library librelp uses for RELP operations. |
Action Parameters¶
Parameter |
Summary |
|---|---|
Defines the remote server omrelp connects to. |
|
Specifies the TCP port number or service name for the RELP connection. |
|
Selects the output template used to format RELP messages. |
|
Sets the RELP session timeout before a connection is considered dead. |
|
Controls how long the socket connection attempt is allowed to take. |
|
Forces periodic reconnection after a configured number of transmitted messages. |
|
Enables or disables TCP keep-alive packets for the RELP connection. |
|
Sets how many keepalive probes are sent before a connection is deemed dead. |
|
Configures the time between successive TCP keepalive probes. |
|
Specifies the idle time before the first TCP keepalive probe is sent. |
|
Overrides the RELP client window size used for message transmission. |
|
Enables TLS encryption for the RELP connection. |
|
Controls whether the TLS stream is compressed. |
|
Restricts which peers may connect based on expected names or fingerprints. |
|
Chooses the mutual authentication mode (fingerprint or name) for TLS. |
|
Specifies the CA certificate used to verify peer certificates. |
|
Provides the path to the machine’s public certificate. |
|
Specifies the path to the machine’s private key for TLS. |
|
Passes a custom GnuTLS priority string to control TLS parameters. |
|
Passes OpenSSL configuration commands to librelp when using the OpenSSL TLS backend. |
|
Sets the local client IP address used when connecting to the remote log server. |
Examples¶
Sending msgs with omrelp¶
The following sample sends all messages to the central server “centralserv” at port 2514 (note that the server must run imrelp on port 2514).
module(load="omrelp")
action(type="omrelp" target="centralserv" port="2514")
Sending msgs with omrelp via TLS¶
This is the same as the previous example but uses TLS (via OpenSSL) for operations.
Certificate files must exist at configured locations. Note that authmode “certvalid” is not very strong - you may want to use a different one for actual deployments. For details, see parameter descriptions.
module(load="omrelp" tls.tlslib="openssl")
action(type="omrelp"
target="centralserv" port="2514" tls="on"
tls.cacert="tls-certs/ca.pem"
tls.mycert="tls-certs/cert.pem"
tls.myprivkey="tls-certs/key.pem"
tls.authmode="certvalid"
tls.permittedpeer="rsyslog")
obsolete legacy directives¶
This module uses old-style action configuration to keep consistent with the forwarding rule. So far, no additional configuration directives can be specified. To send a message via RELP, use
*.* :omrelp:<server>:<port>;<template>
Support: rsyslog Assistant | GitHub Discussions | GitHub Issues: rsyslog source project
Contributing: Source & docs: rsyslog source project
© 2008–2025 Rainer Gerhards and others. Licensed under the Apache License 2.0.