source tlsListener {
  max_connections(100)

  syslog(
    trasport(tls)
    tls(
      ca_dir(/etc/syslog-ng/ca.d)
      crl_dir(/etc/syslog-ng/crl.d)

      dhparam_file(/etc/syslog-ng/dhparam.pem)

      cert_file(/etc/syslog-ng/server.crt)
      key_file(/etc/syslog-ng/server.key)

      ciphers(ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:AES256-GCM-SHA384:AES256-SHA256:AES128-GCM-SHA256:AES128-SHA256:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256)
      ecdh_curve_list(secp256k1:secp384r1:secp521r1)
      peer_verify(require_trusted)
      ssl_options(no_sslv2, no_sslv3, no_tlsv1)
    )

    so_rcvbuf(1MiB)
    so_sndbuf(1MiB)
  );

  tags(secure)
};

destination networkLogs {
  file(
    /var/log/remote/${HOST}/${YEAR}-${MONTH}-${DAY}_sys.log

    create_dirs(yes)
  )
};

log { source(tlsListener); destination(networkLogs) };