syslog-ng documentation

Your main source of knowledge

The syslog-ng product family has an extensive documentation, covering everything from how to install a product to the most complex configuration and settings descriptions. If you cannot find an answer to your question, try the mailing list - our community is always eager to help.

syslog-ng Premium Edition


10.2. Encrypting log messages with TLS The syslog-ng Premium Edition 7 Administrator Guide

This section describes how to configure TLS encryption in syslog-ng. For the concepts of using TLS in syslog-ng, see Section 10.1, Secure logging using TLS.

Create an X.509 certificate for the syslog-ng server.


The subject_alt_name parameter (or the Common Name parameter if the subject_alt_name parameter is empty) of the server's certificate must contain the hostname or the IP address (as resolved from the syslog-ng clients and relays) of the server (for example

Alternatively, the Common Name or the subject_alt_name parameter can contain a generic hostname, for example *

Note that if the Common Name of the certificate contains a generic hostname, do not specify a specific hostname or an IP address in the subject_alt_name parameter.