Skip to content

Commit 089f446

Browse files
committed
Review note: merged relay section
Signed-off-by: mrgarris0n <gergely.karacsonyi@gmail.com>
1 parent 1e19ebc commit 089f446

File tree

2 files changed

+77
-83
lines changed

2 files changed

+77
-83
lines changed

doc/_admin-guide/040_Quick-start_guide/002_Configuring_syslog-ng_relays/000_Configuring_syslog-ng_on_relay_hosts.md

Lines changed: 0 additions & 81 deletions
This file was deleted.
Lines changed: 77 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,81 @@
11
---
22
title: Configuring {{ site.product.short_name }} relays
3-
id: adm-qs-conf
3+
id: adm-qs-relay-conf
44
description: >-
5-
This chapter describes how to configure {{ site.product.short_name }} as a relay.
5+
This section describes how to configure {{ site.product.short_name }} as a relay.
66
---
7+
8+
To configure {{ site.product.short_name }} as a relay, complete the following steps:
9+
10+
1. Install the {{ site.product.short_name }} application on the host. For details on
11+
installing {{ site.product.short_name }} on specific operating systems, see
12+
Installing syslog-ng.
13+
2. Configure the network sources that collect the log messages sent by
14+
the clients.
15+
16+
3. Create a network destination that points to the {{ site.product.short_name }} server.
17+
18+
4. Create a log statement connecting the network sources to the
19+
{{ site.product.short_name }} server.
20+
21+
5. Configure the local sources that collect the log messages of the
22+
relay host.
23+
24+
6. Create a log statement connecting the local sources to the syslog-ng
25+
server.
26+
27+
7. Enable the keep-hostname() and disable the chain-hostnames()
28+
options. (For details on how these options work, see
29+
chain-hostnames()
30+
31+
**NOTE:** It is recommended to use these options on your {{ site.product.short_name }}
32+
server as well.
33+
{: .notice--info}
34+
35+
8. Set filters and options (for example, TLS encryption) as necessary.
36+
37+
**NOTE:** By default, the {{ site.product.short_name }} server will treat the relayed
38+
messages as if they were created by the relay host, not the host
39+
that originally sent them to the relay. In order to use the original
40+
hostname on the {{ site.product.short_name }} server, use the **keep-hostname(yes)**
41+
option both on the {{ site.product.short_name }} relay and the {{ site.product.short_name }} server. This
42+
option can be set individually for every source if needed.
43+
{: .notice--info}
44+
45+
If you are relaying log messages and want to resolve IP addresses to
46+
hostnames, configure the first relay to do the name resolution.
47+
48+
Example: A simple configuration for relays
49+
50+
The following is a simple configuration file that collects local and
51+
incoming log messages and forwards them to a logserver using the
52+
IETF-syslog protocol.
53+
54+
```config
55+
@version: 3.38
56+
@include "scl.conf"
57+
58+
options {
59+
time-reap(30);
60+
mark-freq(10);
61+
keep-hostname(yes);
62+
chain-hostnames(no);
63+
};
64+
65+
source s_local {
66+
system(); internal();
67+
};
68+
69+
source s_network {
70+
syslog(transport(tcp));
71+
};
72+
73+
destination d_syslog_tcp {
74+
syslog("192.168.1.5" transport("tcp") port(2010));
75+
};
76+
77+
log {
78+
source(s_local); source(s_network);
79+
destination(d_syslog_tcp);
80+
};
81+
```

0 commit comments

Comments
 (0)