Version
Only the PUT and the POST methods are supported.
HTTPS connection, as well as password- and certificate-based authentication is supported.
If the server returns a status code beginning with 2 (for example, 200), syslog-ng OSE assumes the message was successfully sent. For other response codes, see HTTP destination options. You can override the behavior of syslog-ng OSE using the response-action() option.
destination d_https { http( [...] tls( ca-file("/<path-to-certificate-directory>/ca-crt.pem") ca-dir("/<path-to-certificate-directory>/") cert-file("/<path-to-certificate-directory>/server-crt.pem") key-file("/<path-to-certificate-directory>/server-key.pem") ) [...] ); };
destination d_http { http( url("<web-service-IP-or-hostname>") method("<HTTP-method>") user-agent("<USER-AGENT-message-value>") user("<username>") password("<password>") ); };
The driver automatically uses the proxy settings of the host, there is no option to set it in the syslog-ng OSE configuration. Specifically, the driver uses the settings of the http_proxy and https_proxy environment variables.
The following example defines an http destination.
destination d_http { http( url("http://127.0.0.1:8000") method("PUT") user-agent("syslog-ng User Agent") user("user") password("password") headers("HEADER1: header1", "HEADER2: header2") body("${ISODATE} ${MESSAGE}") ); }; log { source(s_file); destination(d_http); flags(flow-control); };
You can also use the http() destination to forward log messages to Splunk using syslog-ng OSE.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy