It’s possible configure SGBox to support TCP with TLS protocol to receive syslog messages.

Requirements:

• SGBox version 5.4.1
• Custom certificate must uploaded: Custom Certificate

Be careful!! Making errors in the configuration can cause that service will not start correctly

In this section will be described the steps:
Connect to SGBox using terminal (like putty). Go to Appliance Management > Syslog > Edit configuration File.

Go down to SGBox customization Section and add the following strings:

# provides TCP TLS syslog reception
global(
DefaultNetstreamDriver="gtls"
DefaultNetstreamDriverCAFile="/etc/apache2/custom_certs/chain_bundle.crt"
DefaultNetstreamDriverCertFile="/etc/apache2/custom_certs/crt_bundle.crt"
DefaultNetstreamDriverKeyFile="/etc/apache2/custom_certs/key_bundle.key"
)
module(
load="imtcp"
StreamDriver.Name="gtls"
StreamDriver.Mode="1"
StreamDriver.Authmode="anon"
)
input(
type="imtcp"
port="6514"
ruleset="remote"
)


Save the configuration and click Restart Service

It’s possible configure SGBox to support both UDP and TCP protocol to receive syslog messages.

Be careful!! Making errors in the configuration can cause that service will not start correctly

In this section will be described the steps:
Connect to SGBox using terminal (like putty). Go to Appliance Management > Syslog > Edit configuration File.

Go down ti SGBox customization Section and it should appear as following:

# provides UDP syslog reception
$ModLoad imudp
$InputUDPServerBindRuleset remote
$UDPServerRun 514

# provides TCP syslog reception
$ModLoad imptcp
$InputPTCPServerBindRuleset remote
$InputPTCPServerRun 514

Save the configuration and click to Restart Service