ospatrol.conf: Remote Options¶
Overview¶
Location¶
All remote options must be configured in the /var/ospatrol/etc/ospatrol.conf and used within the <ospatrol_config> tag.
XML excerpt to show location:
<ospatrol_config>
<remote>
<!--
remote options here
-->
</remote>
</ospatrol_config>
Options¶
- remote¶
- connection¶
Specify the type of connection being enabled: secure or using syslog.
Default: secure
Allowed: secure/syslog
- port¶
Specifies the port to listen for events.
Default:
- 1514: if connection is set to secure
- 514: if connection is set to syslog
Allowed: Any port number from 1 to 65535
- protocol¶
Specifies the protocol to use for syslog events.
Default: udp
Allowed: udp or tcp
- allowed-ips¶
List of IP addresses that are allowed to send syslog messages to the server (one per element).
Allowed: Any IP address or network
Note
It is necessary to allow at least one IP address when using the syslog connection type.
- deny-ips¶
List of IP addresses that are not allowed to send syslog messages to the server(one per element).
Allowed: Any IP address or network
- local_ip¶
Local ip address to listen for connections.
Default: all interfaces
Allowed: Any internal ip address
- ipv6¶
Local ipv6 address to listen for connections.
Default: None
Allowed: Any IPv6 address.
Note
This is not well tested. For the time being I recommend using the full IPv6 address instead of one of the many shortcuts.