From b3c1066908a54b756098f3acb5e4276356651fe5 Mon Sep 17 00:00:00 2001 From: technusm1 Date: Fri, 6 Jun 2025 18:39:51 +0530 Subject: [PATCH 1/2] docs: add TLS configuration options for syslog server --- docs/environment-variables.md | 4 ++++ docs/ingestion/logs/syslog.md | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/docs/environment-variables.md b/docs/environment-variables.md index 1faa291d..2a19dbf9 100644 --- a/docs/environment-variables.md +++ b/docs/environment-variables.md @@ -121,6 +121,10 @@ OpenObserve is configured through the use of below environment variables. | ZO_ALERT_SCHEDULE_INTERVAL | | No | | | ZO_TCP_PORT | 5514 | No | TCP port for syslog | | ZO_UDP_PORT | 5514 | No | UDP port for syslog | +| ZO_TCP_TLS_ENABLED | false | No | Enable TLS for TCP syslog server. | +| ZO_TCP_TLS_CERT_PATH | | No | Path to the TLS certificate file to be used on the server. | +| ZO_TCP_TLS_KEY_PATH | | No | Path to the TLS key file to be used on the server. | +| ZO_TCP_TLS_CA_CERT_PATH | | No | Path to the TLS CA certificate file to be used on the server. | | ZO_APP_NAME | | No | | | ZO_DEFAULT_SCRAPE_INTERVAL | | No | | | ZO_CIRCUIT_BREAKER_ENABLE | | No | | diff --git a/docs/ingestion/logs/syslog.md b/docs/ingestion/logs/syslog.md index fd82933b..669f5745 100644 --- a/docs/ingestion/logs/syslog.md +++ b/docs/ingestion/logs/syslog.md @@ -25,6 +25,12 @@ You can change the default port number using the following environment variables * `ZO_TCP_PORT` - TCP port number to listen on. Default: `5514` * `ZO_UDP_PORT` - UDP port number to listen on. Default: `5514` +You can also configure the TLS settings for syslog TCP server using the following environment variables: +* `ZO_TCP_TLS_ENABLED` - Enable TLS for TCP syslog server. If enabled, `ZO_TCP_PORT` will be used for the TLS connection over TCP. Default: `false` +* `ZO_TCP_TLS_CERT_PATH` - Path to the TLS certificate file to be used on the server. +* `ZO_TCP_TLS_KEY_PATH` - Path to the TLS key file to be used on the server. +* `ZO_TCP_TLS_CA_CERT_PATH` - Path to the TLS CA certificate file to be used on the server. + ## Testing From 382e22acd23d67fe753da072c05f8a0f06df1285 Mon Sep 17 00:00:00 2001 From: Maheep Kumar <26147403+technusm1@users.noreply.github.com> Date: Sat, 7 Jun 2025 16:47:39 +0530 Subject: [PATCH 2/2] Update syslog.md --- docs/ingestion/logs/syslog.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/ingestion/logs/syslog.md b/docs/ingestion/logs/syslog.md index 669f5745..ee2fc9dd 100644 --- a/docs/ingestion/logs/syslog.md +++ b/docs/ingestion/logs/syslog.md @@ -27,9 +27,11 @@ You can change the default port number using the following environment variables You can also configure the TLS settings for syslog TCP server using the following environment variables: * `ZO_TCP_TLS_ENABLED` - Enable TLS for TCP syslog server. If enabled, `ZO_TCP_PORT` will be used for the TLS connection over TCP. Default: `false` + +If `ZO_TCP_TLS_ENABLED` is set to `true`, then make sure to set all the below variables in production: * `ZO_TCP_TLS_CERT_PATH` - Path to the TLS certificate file to be used on the server. * `ZO_TCP_TLS_KEY_PATH` - Path to the TLS key file to be used on the server. -* `ZO_TCP_TLS_CA_CERT_PATH` - Path to the TLS CA certificate file to be used on the server. +* `ZO_TCP_TLS_CA_CERT_PATH` - Path to the TLS CA certificate file to be used on the server. It is recommended to set this variable if the above 2 variables are set, otherwise, the configured certificate will be treated as a self-signed certificate. This is useful for development and internal testing, but not recommended for production setups as it could still be vulnerable to man-in-the-middle attacks. ## Testing