Support added in omfwd as instance parameter:
streamdriver.TlsVerifyDepth
Support added in imtcp as module parameter:
streamdriver.TlsVerifyDepth
Can be 2 or higher.
Support added into ossl driver
Support added into gtls driver
Added testcases for both drivers.
Parameter
streamdriver.TlsVerifyDepth
closes: https://github.com/rsyslog/rsyslog/issues/4035
This is added for testbench use - we need it to harden tests that
need to test legacy syntax.
The new directive is NOT intended for users. Thus it is intentionally
NOT DOCUMENTED.
the omhttp test server hangs indefinitely if tests requiring
it fail. This is relevant if the environment ist not destructed
after CI run (the buildbot CI system does not do this on VMs).
To guard against this, we have added a timeout of 30 minutes to
ensure the tool is terminated.
RFC 5424 specifies that an empty APP-NAME needs to be indicated by
"-". Instead, the field could become empty under certain conditions.
If so, outgoing 5424 messages were invalidly formatted.
This happened under quite unusual conditions, but could be seen
in practice.
This commit also does some very light non-related code improvement
and also includes the testbench test to check the fixed error condition.
closes https://github.com/rsyslog/rsyslog/issues/4043
so far, only the legacy style equivalent was tested. We have changed this
to current style. Legacy is no longer tested to keep CI runtime low.
The new test also has been made more reliable than the previous one.
Adds a python based SNMP Trap Receiver which outputs received
SNMP Traps by UDP onyl at the moment. Can be extended later.
Tests results are verified by content_check.
The tests have to be enabed with ./configure --enable-snmp-tests
Test sndrcv_omsnmpv1_udp_dynsource.sh checks the new snmpv1dynsource
option.
In order to work, the following python packages needs to be installed:
pip install pysnmp
On Ubuntu 18, we need these packages to be installed:
apt install snmp libsnmp-dev snmp-mibs-downloader
closes: https://github.com/rsyslog/rsyslog/issues/3985
Add new configuration parameter tls.tlscfgcmd to omrelp and imrelp.
(Using relpSrvSetTlsConfigCmd and relpCltSetTlsConfigCmd)
OpenSSL Version 1.0.2 or higher is required for this feature.
A list of possible commands and their valid values can be found in the
documentation: https://www.openssl.org/docs/man1.0.2/man3/SSL_CONF_cmd.html
The setting can be single or multiline, each configuration command is
separated by linefeed (n). Command and value are separated by
equal sign (=). Here are a few samples:
tls.tlscfgcmd="Protocol=ALL,-SSLv2,-SSLv3,-TLSv1,-TLSv1.2"
tls.tlscfgcmd="Protocol=ALL,-SSLv2,-SSLv3,-TLSv1
MinProtocol=TLSv1.2"
Add to new testcases for librelp and tlscfgcmd.
closes https://github.com/rsyslog/rsyslog/issues/3959
This commit makes them use the reliable method to obtain a
dynamic port. The previous method lead to unreliability (flakes)
especially on busy machines.
Loki is a new message indexer and querier from Grafana Labs. See
https://github.com/grafana/loki for details on Loki.
This change provides the initial message structure to send bulk message
payloads to the Loki Rest endpoint. omhttp, recieved a new bulk message
format called lokirest. Additionally, the plugin relies on the user to
provide the correct "stream" read message format.
A loki template must be json compatible and include a "stream" key of
key value tags, and a values key of an array of 2 element arrays, where
each 2 element array is the unix epoch in nanoseconds followed by an
unstrectured message.
An example:
template(name="array_loki" type="string" string="{\"stream\":{\"host\":\"%HOSTNAME%\",\"facility\":\"%syslogfacility-text%\",\"priority\":\"%syslogpriority-text%\",\"syslogtag\":\"%syslogtag%\"},\"values\": [[ \"%timegenerated:::date-unixtimestamp%000000000\", \"%msg%\" ]]}")
