I am attempting to send data to a syslog destination with TLS enabled since it is from Cribl cloud over the internet to a VPS.
The VPS has rsyslog listening on port 6514 with TLS and a letsencrypt cert.
rsyslog is an rsyslog/rsyslog:latest docker container created yesterday.
I have been able to successfully send data to the syslog listener from that same VPS using the following command:
echo '<14>1 2026-04-12T14:14:00Z testhost test - - - My TLS log message' | openssl s_client -connect 127.0.0.1:6514
When I am attempting to set up the syslog destination in Cribl Cloud, I have the following settings:
load balancing: enabled
address: fqdn of destination listed in certificate
port: 6514
TLS: Inherit
TLS Servername: fqd nof destination listed in certificate
loadweight: 1
When I look at the config later it shows TLS disabled and the logs cycle through the following messages:
“adding sender”
“attempting to connect”
“sender state change”
“connected”
“Setting I/O metrics level”
When I do a test I get the following error:
error: read ECONNRESET
endpoint: {…, tls: false}
Host and port are correct.
How do I get the syslog destination to use TLS, or is there something else I am doing incorrectly?
Thanks