Best practice: Implementing TLS-secured usage of syslog data

You can implement use of the TLS protocol that is provided by an rsyslog package for TLS-secured sending of messages with syslog data.

The rsyslog-gnutls package and several related packages are installed by default on the Web Gateway appliance system. The rsyslog-gnutls package provides the TLS protocol, which allows you implement TLS encryption for secure sending of log messages from a syslog client to a remote syslog (rsyslog) server.

TLS-secured sending of syslog messages requires the use of SSL certificates for the server and its clients, as well as for a root certificate authority (root CA) that signs these certificates.

The packages that are involved in implementing TLS encryption include:

  • rsyslog-gnutls-5.8.10
  • rsyslog-5.8.10
  • gnutls-2.8.5

For more information about these packages, see the documentation of the vendor who provides them (RSYSLOG).