Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 488068

Summary: RFE: rsyslog rebase to support TLS and conditional filters
Product: Red Hat Enterprise Linux 5 Reporter: Jim Perrin <james.l.perrin>
Component: rsyslogAssignee: Tomas Heinrich <theinric>
Status: CLOSED ERRATA QA Contact: BaseOS QE <qe-baseos-auto>
Severity: medium Docs Contact:
Priority: low    
Version: 5.3CC: cevich, cward, ebenes, gbarros, jbastian, johannes.russek, jwest, konush, lsmid, pasteur, paul, public, pvrabec, rbinkhor, rlerch, sgrubb, tao, theinric
Target Milestone: rcKeywords: FutureFeature, Rebase, Triaged
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-03-30 08:17:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 475217, 541103, 557292    

Description Jim Perrin 2009-03-02 13:41:56 UTC 
Description of problem: the rsyslog shipped with RHEL does not natively support TLS, and the use of conditional log filters is questionable at best. 


Version-Release number of selected component (if applicable):
2.0.0-11.el5

How reproducible:
always

Steps to Reproduce:
1. yum install rsyslog
2. rsyslog now requires the use of stunnel for ssl/tls protected logs
3. rsyslog now only partially supports conditional filters.
  
Actual results:
steps 2 and 3 in this RFE to reproduce. 

Expected results:
It would be quite nice if rsyslog could be rebased to 3.x, which has native support for ssl/tls protection for transmitted logs. 

Additional info:
This RFE would help meet more stringent logging requirements and protect the data as it passes over the network between remote machines and a centralized logging server.  Since rsyslog is not the default logger in RHEL, and rsyslog 3 is backwards compatible with the rsyslog2 style configs it should not be a huge deal to rebase this utility to provide more use and functionality native to the logger. 
Using stunnel adds an additional layer of complication and potential failure here. With native encryption support, there's less to configure, less to troubleshoot, and less to break.
Comment 2 Jim Perrin 2009-04-07 11:03:03 UTC 
Just a ping to keep this alive.
Comment 11 Joseph W. Breu 2009-06-23 14:34:28 UTC 
I too would like to see 3.x brought into the mainstream channel.  The ability to queue messages to a down syslog server on the local disk is very attractive as well as importing log files from disk into syslog.
Comment 12 Jim Perrin 2009-09-22 14:41:20 UTC 
No traffic on this at all?
Comment 14 Jim Perrin 2009-10-20 13:57:31 UTC 
Where did comments 3-10 go from this? 

Is anyone from rh going to respond here?
Comment 15 Chris Evich 2009-10-20 15:41:26 UTC 
Not sure about the comments.  Despite lack of public updates, this is an active request.  At this point, I wouldn't worry too much about it being dropped, as there are multiple customers interested in it.  I'm sure we'll hear some official words from PM/Eng. before too long.
Comment 17 Johannes Russek 2009-10-27 17:18:53 UTC 
I'd like to see that rebase too, in my case for support of newer templates.
Comment 19 Jim Perrin 2009-11-18 16:33:25 UTC 
Is there a developmental/testing package for this similar to the testing kernels that dzickus offers on his rh page?
Comment 20 Steve Grubb 2009-11-18 17:00:00 UTC 
I would say that this:

http://mirrors.kernel.org/fedora/updates/11/SRPMS/rsyslog-3.22.1-1.fc11.src.rpm

is close enough to test with wrt to tls and filters. We will be adding a couple new patches, but they should not affect tls or filters.
Comment 24 Chris Ward 2010-02-11 10:14:10 UTC 
~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~

RHEL 5.5 Beta has been released! There should be a fix present in this 
release that addresses your request. Please test and report back results 
here, by March 3rd 2010 (2010-03-03) or sooner.

Upon successful verification of this request, post your results and update 
the Verified field in Bugzilla with the appropriate value.

If you encounter any issues while testing, please describe them and set 
this bug into NEED_INFO. If you encounter new defects or have additional 
patch(es) to request for inclusion, please clone this bug per each request
and escalate through your support representative.
Comment 35 errata-xmlrpc 2010-03-30 08:17:18 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0213.html