imgssapi: GSSAPI Syslog Input Module¶
Provides the ability to receive syslog messages from the network protected via Kerberos 5 encryption and authentication. This module also accept plain tcp syslog messages on the same port if configured to do so. If you need just plain tcp, use imtcp instead.
Note: This is a contributed module, which is not supported by the rsyslog team. We recommend to use RFC5425 TLS-protected syslog instead.
Author:varmojfekoj
Configuration Parameters¶
Note: parameter names are case-insensitive.
-
$InputGSSServerRun <port>
Starts a GSSAPI server on selected port - note that this runs independently from the TCP server.
-
$InputGSSServerServiceName <name>
The service name to use for the GSS server.
-
$InputGSSServerPermitPlainTCP on|off
Permits the server to receive plain tcp syslog (without GSS) on the same port
-
$InputGSSServerMaxSessions <number>
Sets the maximum number of sessions supported
-
$InputGSSServerKeepAlive on|off
Requires: 8.5.0 or above
Default: off
Enables or disable keep-alive handling.
Caveats/Known Bugs¶
- module always binds to all interfaces
- only a single listener can be bound
Example¶
This sets up a GSS server on port 1514 that also permits to receive plain tcp syslog messages (on the same port):
$ModLoad imgssapi # needs to be done just once
$InputGSSServerRun 1514
$InputGSSServerPermitPlainTCP on