Bug 488068 - RFE: rsyslog rebase to support TLS and conditional filters
RFE: rsyslog rebase to support TLS and conditional filters
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: rsyslog (Show other bugs)
5.3
All Linux
low Severity medium
: rc
: ---
Assigned To: Tomas Heinrich
BaseOS QE
: FutureFeature, Rebase, Triaged
Depends On:
Blocks: 557292 475217 5.5TechNotes-Updates
  Show dependency treegraph
 
Reported: 2009-03-02 08:41 EST by Jim Perrin
Modified: 2010-11-22 18:16 EST (History)
17 users (show)

See Also:
Fixed In Version:
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-03-30 04:17:18 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Jim Perrin 2009-03-02 08:41:56 EST
Description of problem: the rsyslog shipped with RHEL does not natively support TLS, and the use of conditional log filters is questionable at best. 


Version-Release number of selected component (if applicable):
2.0.0-11.el5

How reproducible:
always

Steps to Reproduce:
1. yum install rsyslog
2. rsyslog now requires the use of stunnel for ssl/tls protected logs
3. rsyslog now only partially supports conditional filters.
  
Actual results:
steps 2 and 3 in this RFE to reproduce. 

Expected results:
It would be quite nice if rsyslog could be rebased to 3.x, which has native support for ssl/tls protection for transmitted logs. 

Additional info:
This RFE would help meet more stringent logging requirements and protect the data as it passes over the network between remote machines and a centralized logging server.  Since rsyslog is not the default logger in RHEL, and rsyslog 3 is backwards compatible with the rsyslog2 style configs it should not be a huge deal to rebase this utility to provide more use and functionality native to the logger. 
Using stunnel adds an additional layer of complication and potential failure here. With native encryption support, there's less to configure, less to troubleshoot, and less to break.
Comment 2 Jim Perrin 2009-04-07 07:03:03 EDT
Just a ping to keep this alive.
Comment 11 Joseph W. Breu 2009-06-23 10:34:28 EDT
I too would like to see 3.x brought into the mainstream channel.  The ability to queue messages to a down syslog server on the local disk is very attractive as well as importing log files from disk into syslog.
Comment 12 Jim Perrin 2009-09-22 10:41:20 EDT
No traffic on this at all?
Comment 14 Jim Perrin 2009-10-20 09:57:31 EDT
Where did comments 3-10 go from this? 

Is anyone from rh going to respond here?
Comment 15 Chris Evich 2009-10-20 11:41:26 EDT
Not sure about the comments.  Despite lack of public updates, this is an active request.  At this point, I wouldn't worry too much about it being dropped, as there are multiple customers interested in it.  I'm sure we'll hear some official words from PM/Eng. before too long.
Comment 17 Johannes Russek 2009-10-27 13:18:53 EDT
I'd like to see that rebase too, in my case for support of newer templates.
Comment 19 Jim Perrin 2009-11-18 11:33:25 EST
Is there a developmental/testing package for this similar to the testing kernels that dzickus offers on his rh page?
Comment 20 Steve Grubb 2009-11-18 12:00:00 EST
I would say that this:

http://mirrors.kernel.org/fedora/updates/11/SRPMS/rsyslog-3.22.1-1.fc11.src.rpm

is close enough to test with wrt to tls and filters. We will be adding a couple new patches, but they should not affect tls or filters.
Comment 24 Chris Ward 2010-02-11 05:14:10 EST
~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~

RHEL 5.5 Beta has been released! There should be a fix present in this 
release that addresses your request. Please test and report back results 
here, by March 3rd 2010 (2010-03-03) or sooner.

Upon successful verification of this request, post your results and update 
the Verified field in Bugzilla with the appropriate value.

If you encounter any issues while testing, please describe them and set 
this bug into NEED_INFO. If you encounter new defects or have additional 
patch(es) to request for inclusion, please clone this bug per each request
and escalate through your support representative.
Comment 35 errata-xmlrpc 2010-03-30 04:17:18 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0213.html

Note You need to log in before you can comment on or make changes to this bug.