Have configured Rsyslog to ship logs to a remote location through an SSH tunnel.
However rsyslog complains with "Permission denied":
rsyslogd[28412]: cannot connect to 127.0.0.1:10601: Permission denied [v8.2102.0-10.el8 try https://www.rsyslog.com/e/2027 ]
The server is CentOS Stream 8
The tunnel is verified to be up - ss -lntp
- and I'm able to send through it with i.e. echo test | nc 127.0.0.1 601
, and the test shows up at the remote.
The tunnel is kept up by autossh
running as an unprivileged user, thus the local port must be unprivileged (or you get bind [127.0.0.1]:601: Permission denied
when setting up the tunnel).
Forwarding is done through the Rsyslog omfwd
Forwarding Output Module
# /etc/rsyslog.d/00-forward.conf
# Forward to remote server through an ssh tunnel / autossh
*.info action(type="omfwd"
queue.Type="LinkedList"
queue.Filename="forward_queue_1"
queue.MaxDiskSpace="3m"
queue.SaveOnshutdown="on"
action.ResumeRetryCount="-1"
target="127.0.0.1" port="10601" protocol="tcp"
)