Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    syslog-ng - send logs using TCP and TLS

    Scheduled Pinned Locked Moved pfSense Packages
    4 Posts 2 Posters 680 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      e-1-1
      last edited by

      Hi all,

      Trying to configure a brand new syslog-ng installation here for secure log transport from the firewall where this daemon is running.

      In pfSense book I can't find anything about this.

      From Jim's post on issue #10486, looks like it's possible. But how?

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by bmeeks

        I did a quick Google search using these terms -- syslog-ng tls tutorial and found lots of hits (pages of them, actually). There are examples for many different OS setups.

        Also found an old thread here on the Netgate forums about this, and the user there apparently finally had some success. Keep in mind this was with older versions of both pfSense and syslog-ng (as in five years ago): https://forum.netgate.com/topic/80368/syslog-ng-tls-configuration-help-2-1-5.

        You are not likely to find a step-by-step tutorial written explicitly for pfSense 2.4.5. But if you are willing to read and learn from all the tutorials out on the web using other operating systems, you can create your own configuration. If you are successful, then return here and share your knowledge ... ☺. That helps the next guy who comes along with the same question.

        E 1 Reply Last reply Reply Quote 0
        • E
          e-1-1 @bmeeks
          last edited by

          @bmeeks first of all, thanks for all the work you're doing with Suricata!

          Yup, manual config is possbile with syslog-ng. Myself, I prefer to use GUI methods to minimize errors and configuration drift.

          I was sincerely hoping a GUI method is available. Am already using such a setup, but with Barracudas.

          Guess a feature request is in order for this.

          bmeeksB 1 Reply Last reply Reply Quote 0
          • bmeeksB
            bmeeks @e-1-1
            last edited by bmeeks

            @e-1-1 said in syslog-ng - send logs using TCP and TLS:

            @bmeeks first of all, thanks for all the work you're doing with Suricata!

            Yup, manual config is possbile with syslog-ng. Myself, I prefer to use GUI methods to minimize errors and configuration drift.

            I was sincerely hoping a GUI method is available. Am already using such a setup, but with Barracudas.

            Guess a feature request is in order for this.

            Or learn a little PHP programming know-how (if you don't have it already) and create a package for this feature. Become a volunteer package maintainer. That's what I did for Snort (when I took over its maintenance) and later when I created the Suricata package. That's the beauty of open-source software.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.