Support audit syslog over TLS (#12124)

Add support to transport syslogs over TLS. Since TLS params essentially require passing host and port separately, add a boolean flag to the configuration template and also use the same `action` format for plaintext logs. This allows seamless transition. The plaintext host:port is picked from `AUDIT_LOGGING_ENDPOINT` (as earlier) and from `AUDIT_LOGGING_TLS_ENDPOINT`. The TLS host:port is used when defined and non-empty. `remote_endpoint` is split separately to hostname and port as required by `omfwd` module. Also the address parsing and config content generation are split to more testable functions with basic tests added.
2025-12-22 21:59:59 +00:00 · 2025-07-01 15:53:46 +03:00
parent d2d9946bab
commit 6d73cfa608
6 changed files with 270 additions and 14 deletions
--- a/compute/compute-node.Dockerfile
+++ b/compute/compute-node.Dockerfile
@@ -1983,7 +1983,7 @@ RUN apt update && \
        locales \
        lsof \
        procps \
-        rsyslog \
+        rsyslog-gnutls \
        screen \
        tcpdump \
        $VERSION_INSTALLS && \