imgssapi: GSSAPI Syslog Input Module¶
Provides the ability to receive syslog messages from the network protected via Kerberos 5 encryption and authentication. This module also accept plain tcp syslog messages on the same port if configured to do so. If you need just plain tcp, use imtcp instead.
Note: This is a contributed module, which is not supported by the rsyslog team. We recommend to use RFC5425 TLS-protected syslog instead.
Author:varmojfekoj
Configuration Parameters¶
Note: parameter names are case-insensitive.
-
$InputGSSServerRun <port>
Starts a GSSAPI server on selected port - note that this runs independently from the TCP server.
-
$InputGSSServerServiceName <name>
The service name to use for the GSS server.
-
$InputGSSServerPermitPlainTCP on|off
Permits the server to receive plain tcp syslog (without GSS) on the same port
-
$InputGSSServerMaxSessions <number>
Sets the maximum number of sessions supported
-
$InputGSSServerKeepAlive on|off
Requires: 8.5.0 or above
Default: off
Enables or disable keep-alive handling.
Caveats/Known Bugs¶
- module always binds to all interfaces
- only a single listener can be bound
Example¶
This sets up a GSS server on port 1514 that also permits to receive plain tcp syslog messages (on the same port):
$ModLoad imgssapi # needs to be done just once
$InputGSSServerRun 1514
$InputGSSServerPermitPlainTCP on
See also
If you would like to contribute to these docs, but are unsure where to start, please see the rsyslog-doc project README for an overview of the process. If you would like to contribute to the main source project, please review the contribution guidelines listed in the rsyslog project README.
If you have a question about these docs or Rsyslog
in general, please
see the following resources: