Is it possible to have rsyslog log to multiple servers with different TLS configurations? We're currently logging to a local syslog server using the following:
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile /etc/pki/rsyslog/ca.pem
$DefaultNetstreamDriverCertFile /etc/pki/rsyslog/local-cert.pem
$DefaultNetstreamDriverKeyFile /etc/pki/rsyslog/local-key.pem
$ActionSendStreamDriverAuthMode anon
$ActionSendStreamDriverMode 1
*.* @@10.50.59.241:6514
We're now in the process of setting up logging to a third party and want to use TLS there as well. They state that we should set up rsyslog like this:
$DefaultNetstreamDriverCAFile /path/to/their/ca.crt
$ActionSendStreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverPermittedPeer *.theirhost.theirdomain
*.* @@theirhost.theirdomain:6514
I figure that I can simply combine the CAs into a single file and set DefaultNetstreamDriverCAFile to that. But if I simply add the remaining second set of options to the bottom of my rsyslog.conf then the permitted peer causes a conflict with the first host. So is there any way to configure rsyslog (we're currently using 7.4.8) to use vastly different TLS setups to two different targets?
omfwd rules with different DefaultNetstreamDriverCAFile parameters? – Edlun
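One way to scope the TLS settings per destination, as an added example that is not part of the original question or comment: two omfwd actions in RainerScript syntax, each with its own auth mode and permitted peer, while the CA file stays a global setting. The bundle path `/etc/pki/rsyslog/ca-bundle.pem` is hypothetical, and support for every parameter in 7.4.8 specifically is an assumption.

```conf
# Added example, not from the original post.
# Assumes rsyslog's RainerScript global() and action() syntax.

# The CA file is a global netstream driver setting, so it holds both CAs
# concatenated into one PEM file (hypothetical bundle path).
global(
    DefaultNetstreamDriver="gtls"
    DefaultNetstreamDriverCAFile="/etc/pki/rsyslog/ca-bundle.pem"
    DefaultNetstreamDriverCertFile="/etc/pki/rsyslog/local-cert.pem"
    DefaultNetstreamDriverKeyFile="/etc/pki/rsyslog/local-key.pem"
)

# Local collector: TLS enabled, peer not authenticated (anon),
# matching the existing setup in the question.
action(
    type="omfwd" target="10.50.59.241" port="6514" protocol="tcp"
    StreamDriver="gtls" StreamDriverMode="1"
    StreamDriverAuthMode="anon"
)

# Third party: the server certificate must chain to a CA in the bundle
# and its name must match the permitted peer. The permitted peer is set
# on this action only, so it does not affect the local collector.
action(
    type="omfwd" target="theirhost.theirdomain" port="6514" protocol="tcp"
    StreamDriver="gtls" StreamDriverMode="1"
    StreamDriverAuthMode="x509/name"
    StreamDriverPermittedPeers="*.theirhost.theirdomain"
)
```

With a shared bundle, a certificate issued by either CA passes chain validation on the third-party action, so the `x509/name` permitted peer is what ties that connection to the intended host. The local action in `anon` mode encrypts the stream but does not authenticate the collector.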