主页 / ubuntu / 问题 / 1540662
Accepted
Kenneth Fribert
Asked: 2025-02-06 18:36:14 +0800 CST

未找到 rsyslog gtls - ubuntu 24.04

  • 772

Ubuntu 是 24.04

我正在尝试设置 rsyslog 来接收加密的系统日志。

我已经做了

apt install rsyslog-gnutls

但是在 /usr/lib/x86_64-linux-gnu/rsyslog/ 中我没有看到 gtls.so 文件

我确实看到了 lmnsd_gtls.so,但没有看到 gtls.so

因此,当我尝试启动 rsyslogd 时,它显示:

Feb 06 11:29:45 syslog-proxy rsyslogd[22861]: could not load module 'gtls', errors: trying to load module /usr/lib/x86_64-linux-gnu/rsyslog/gtls.so: /usr/lib/x86_64-linux-gnu/rsyslog/gtls.so: cannot open shared object file: No such file>

它还抱怨:

error during parsing file /etc/rsyslog.conf, on or before line 16: parameter 'StreamDriverAuthMode' not known
error during parsing file /etc/rsyslog.conf, on or before line 16: parameter 'StreamDriverMode' not known
error during parsing file /etc/rsyslog.conf, on or before line 16: parameter 'StreamDriver' not known

rsyslog.conf:

# Set up encryption with certificates

$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/rsyslog/certs/rsyslog.crt
$DefaultNetstreamDriverCertFile /etc/rsyslog/certs/rsyslog.crt
$DefaultNetstreamDriverKeyFile /etc/rsyslog/certs/rsyslog.key

#### MODULES ####

module(load="imuxsock") # provides support for local system logging
module(load="imtcp")
module(load="gtls")        # For TLS encryption

# Enable TCP on port 514 (unencrypted) and a different port for encrypted logging (e.g., 6514)
input(type="imtcp" port="514")
input(type="imtcp" port="6514" StreamDriver="gtls" StreamDriverMode="1" StreamDriverAuthMode="anon")

# provides kernel logging support and enable non-kernel klog messages
#module(load="imklog" permitnonkernelfacility="on")

###########################
#### GLOBAL DIRECTIVES ####
###########################

# Filter duplicated messages
$RepeatedMsgReduction on

#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022

# Drop privileges to syslog after starting
$PrivDropToUser syslog
$PrivDropToGroup syslog

#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog

#
# Include all config files in /etc/rsyslog.d/

####################################
# Remote log handling              #
####################################

$template remote-incoming-logs, "/var/log/remotehosts/%HOSTNAME%/%PROGRAMNAME%.log"
*.* ?remote-incoming-logs
&~
24.04

1 个回答

  1. Best Answer

    您可以在此处查看参数。它们应该是

    input(type="imtcp" port="6514" StreamDriver.Name="gtls" StreamDriver.Mode="1" StreamDriver.AuthMode="anon")

    但您可能不需要该名称,因为您已将其设置为默认值。

    • 0

相关问题