Hi Team,
I am trying to configure my haproxy to capture TLS connections to the system. I am able to achieve this by using the following method
global
daemon
nbproc 1 # number of processing cores
stats socket /tmp/haproxy level admin user mode 774
defaults
timeout client 60000ms # maximum inactivity time on the client side
timeout server 180000ms # maximum inactivity time on the server side
timeout connect 60000ms # maximum time to wait for a connection attempt to a server to succeed
######### Sending logs to rsyslog
log 127.0.0.1 local3 info
log-format “%ci:%cp %ft %b/%s %Tw/%Tc %ST %B %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %sslv %sslc”
Now the problem with this is, since I am using “info” in log, it logs everything happening with haproxy including tls connections and it is flooding my /var/log/haproxy.log file and I dont need that.
So what can I do to ensure that my haproxy will only send warnings and TLS logs on haproxy.log.
I know I can send only warning by using the following , which will not flood my haproxy logs
log 127.0.0.1 local3 warning
But if I use the above line, then it wont log incoming TLS connections on haproxy.log because it is not a warning. Kindly assist me on this. Much appreciated
Thanks and Regads,
Zorrom