Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Back to All Docs

Configuring TLS on rsyslog

Last Updated: Jun. 09, 2024


This document explains how to configure rsyslog to support TLS connections, which is necessary for sending logs to Coralogix syslog endpoints.


  • Ubuntu 22.04 (or newer)


STEP 1. Install the gtls driver and ca-certificates:

sudo apt update -y
sudo apt install rsyslog-gnutls ca-certificates

STEP 2. Modify the rsyslog configuration file:

$DefaultNetstreamDriver gtls $DefaultNetstreamDriverCAFile /etc/ssl/certs/ca-certificates.crt $ActionSendStreamDriverMode 1 $ActionSendStreamDriverAuthMode x509/name $ActionSendStreamDriverPermittedPeer *.coralogix.com $template CoralogixSyslogFormat,"{\"fields\": {\"private_key\":\"xxxx\",\"application_name\":\"vagrant\",\"subsystem_name\":\"syslog\"},\"message\": {\"message\":\"%msg:::json%\"}}\n" *.* @@syslog.coralogix.com:6514;CoralogixSyslogFormat

STEP 3. Restart rsyslog:

sudo systemctl restart rsyslog


STEP 1. Check the status of the rsyslog service:

sudo systemctl status rsyslog

STEP 2. Check for any errors in the journalctl logs:

sudo journalctl -f -u rsyslog


Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by emailing support@coralogix.com.

On this page