109.5. Batched Compression (im_batchcompress)
The im_batchcompress module provides a compressed network transport with optional SSL encryption. It uses its own protocol to receive and decompress a batch of messages sent by om_batchcompress.
109.5.1. Configuration
The im_batchcompress module accepts the following directives in addition to the common module directives.
- ListenAddr
-
The module will accept connections on this IP address or DNS hostname. The default is
localhost.
- Port
-
The module instance will listen on this port for incoming connections. The default is port 2514.
- AllowUntrusted
-
This boolean directive specifies whether the remote connection should be allowed without certificate verification. If set to TRUE the remote will be able to connect with an unknown or self-signed certificate. The default value is FALSE: by default, all connections must present a trusted certificate.
- CADir
-
This specifies the path to a directory containing certificate authority (CA) certificates, which will be used to check the certificate of the remote socket. The certificate filenames in this directory must be in the OpenSSL hashed format. A remote’s self-signed certificate (which is not signed by a CA) can also be trusted by including a copy of the certificate in this directory.
- CAFile
-
This specifies the path of the certificate authority (CA) certificate, which will be used to check the certificate of the remote socket. To trust a self-signed certificate presented by the remote (which is not signed by a CA), provide that certificate instead.
- CertFile
-
This specifies the path of the certificate file to be used for the SSL handshake.
- CertKeyFile
-
This specifies the path of the certificate key file to be used for the SSL handshake.
- CRLDir
-
This specifies the path to a directory containing certificate revocation lists (CRLs), which will be consulted when checking the certificate of the remote socket. The filenames in this directory must be in the OpenSSL hashed format.
- CRLFile
-
This specifies the path of the certificate revocation list (CRL) which will be consulted when checking the certificate of the remote socket.
- KeyPass
-
With this directive, a password can be supplied for the certificate key file defined in CertKeyFile. This directive is not needed for passwordless private keys.
- RequireCert
-
This boolean directive specifies that the remote must present a certificate. If set to TRUE and there is no certificate presented during the connection handshake, the connection will be refused. The default value is TRUE: by default, each connections must use a certificate.
- SSLCipher
-
This optional directive can be used to set the permitted SSL cipher list, overriding the default. Use the format described in the ciphers(1ssl) man page.
- SSLProtocol
-
This directive can be used to set the allowed SSL/TLS protocol(s). It takes a comma-separated list of values which can be any of the following:
SSLv2,SSLv3,TLSv1,TLSv1.1, andTLSv1.2. By default, the TLSv1, TLSv1.2, and TLSv1.2 protocols are allowed. Note that the OpenSSL library shipped by Linux distributions may not support SSLv2 and SSLv3, in which case these will not work even if enabled with SSLProtocol.
109.5.2. Fields
The following fields are used by im_batchcompress.
$MessageSourceAddress(type: string)-
The IP address of the remote host.
109.5.3. Examples
This configuration listens on port 2514 for incoming log batches and writes them to file.
![[Download file]](images/icons/download_icon.png "Download file"){kind=icon}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
<Input batchcompress>
Module im_batchcompress
ListenAddr 0.0.0.0
Port 2514
</Input>
<Output file>
Module om_file
File "tmp/output"
</Output>
<Route batchcompress_to_file>
Path batchcompress => file
</Route>