diff --git a/plays/logs.yml b/plays/logs.yml
index 77cc27b08202eee7c3c6597c2d4fc3746ea24459..8891c32bf54ad16b291169773754a12ebe58f297 100755
--- a/plays/logs.yml
+++ b/plays/logs.yml
@@ -1,11 +1,15 @@
 #!/usr/bin/env ansible-playbook
 ---
-# thot is the log server.
-# Servers need to send their logs to thot.
+# tealc is the log server.
+# Servers need to send their logs to tealc.

-# Send logs to thot
-- hosts: server,!thot.adm.crans.org
+# Send logs to tealc
+- hosts: server,!tealc.adm.crans.org
 vars:
 rsyslog:
- server: thot.adm.crans.org
+ server: 172.16.10.1
 roles: ["rsyslog-client"]
+
+- hosts: tealc.adm.crans.org
+ roles:
+ - rsyslog-server
diff --git a/roles/rsyslog-server/tasks/main.yml b/roles/rsyslog-server/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..5d99654a1a2914b93bdaa61d7cb808df07c4633b
--- /dev/null
+++ b/roles/rsyslog-server/tasks/main.yml
@@ -0,0 +1,24 @@
+---
+- name: Deploy rsyslog cablage config
+ template:
+ src: rsyslog.d/30-cablage.conf.j2
+ dest: /etc/rsyslog.d/30-cablage.conf
+ mode: 0640
+ owner: root
+ group: root
+
+- name: Deploy rsyslog listen relp config
+ template:
+ src: rsyslog.d/52-listen_relp.conf.j2
+ dest: /etc/rsyslog.d/52-listen_relp.conf
+ mode: 0640
+ owner: root
+ group: root
+
+- name: Deploy rsyslog listen switches config
+ template:
+ src: rsyslog.d/53-listen_switches.conf.j2
+ dest: /etc/rsyslog.d/53-listen_switches.conf
+ mode: 0640
+ owner: root
+ group: root
diff --git a/roles/rsyslog-server/templates/rsyslog.d/30-cablage.conf.j2 b/roles/rsyslog-server/templates/rsyslog.d/30-cablage.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..7d1c9f448e5e4bbf95b17dbe20ed90758b798884
--- /dev/null
+++ b/roles/rsyslog-server/templates/rsyslog.d/30-cablage.conf.j2
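Review bot: In plays/logs.yml the client play now sets `rsyslog.server` to the literal `172.16.10.1`, while the host pattern and the new server play still identify the log server by name (`tealc.adm.crans.org`), and nothing on the line ties the two together. If the address and the name ever diverge, every client keeps shipping its logs to whatever machine holds that address. I would either keep the name or document the literal, e.g. `# 172.16.10.1 = tealc.adm.crans.org; literal IP so log shipping does not depend on DNS`, assuming that is the reason for the change.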
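Review bot: None of the three template tasks in roles/rsyslog-server/tasks/main.yml notifies a handler, so a changed listener or filter file only takes effect the next time rsyslog happens to be restarted. Until then the server may run without the new inputs or with a stale sender list. Adding `notify: <rsyslog restart handler>` to each task would close that gap; the name is a placeholder, since no handler is visible in this diff. Separately, `mode: 0640` relies on the YAML parser reading the bare number as octal; quoting it as `mode: "0640"` removes that dependency.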
@@ -0,0 +1,22 @@
+{{ ansible_header | comment }}
+
+# Logs des switches
+
+if $fromhost-ip startswith '172.16.33.' then /pool/logs/tealc/cablage/global.log; CablageFileFormat
+
+# Logs des bornes
+
+## Dropbear est atteint de logorhée, une partie de ses logs ne sont pas vitaux
+if $programname contains "dropbear" and $msg contains "Exit before auth: Exited normally" then ~
+if $programname contains "dropbear" and re_match($msg, "Child connection from (127.0.0.1|::1|10.231.148.102)") then ~
+if $programname contains "dropbear" and re_match($msg, "Pubkey auth succeeded .* from 10.231.148.102") then ~
+if $programname contains "dropbear" and re_match($msg, "Exit \\(.*\\): Disconnect received") then ~
+
+if $fromhost-ip startswith '172.16.34.' then /pool/logs/tealc/cablage/global.log; CablageFileFormat
+
+# Logs RADIUS
+if $programname contains 'freeradius' then /pool/logs/tealc/cablage/global.log
+if $programname contains 'radiusd' then /pool/logs/tealc/cablage/global.log
+
+# Logs DHCP
+if $programname contains 'dhcpd' then /pool/logs/tealc/cablage/global.log
diff --git a/roles/rsyslog-server/templates/rsyslog.d/52-listen_relp.conf.j2 b/roles/rsyslog-server/templates/rsyslog.d/52-listen_relp.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..589ae3b944e2b22688c550bc51bdc2e890e23bcb
--- /dev/null
+++ b/roles/rsyslog-server/templates/rsyslog.d/52-listen_relp.conf.j2
@@ -0,0 +1,4 @@
+{{ ansible_header | comment }}
+
+$ModLoad imrelp
+$InputRELPServerRun 20514
diff --git a/roles/rsyslog-server/templates/rsyslog.d/53-listen_switches.conf.j2 b/roles/rsyslog-server/templates/rsyslog.d/53-listen_switches.conf.j2
new file mode 100644
index 0000000000000000000000000000000000000000..26bb5344ab93628e60a68cbe3611de0b5b2978ee
--- /dev/null
+++ b/roles/rsyslog-server/templates/rsyslog.d/53-listen_switches.conf.j2
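Review bot: The four dropbear discard rules in 30-cablage.conf.j2 are global: they sit before the `$fromhost-ip startswith '172.16.34.'` test and match only on `$programname` and `$msg`, so a matching line from any sender, not just the access points, is dropped before it is written anywhere. One of them discards `Pubkey auth succeeded` events, an audit record worth keeping unless the source is tightly pinned, and both matched fields are set by the sending host. I would add the subnet condition to each rule and escape the dots in the address patterns, e.g. `if $fromhost-ip startswith '172.16.34.' and $programname contains "dropbear" and re_match($msg, "Pubkey auth succeeded .* from 10\\.231\\.148\\.102") then stop`. On rsyslog 7 and later `stop` is the current spelling of the deprecated `~` action. `CablageFileFormat` is not defined in this diff and is presumably declared elsewhere.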
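Review bot: The RELP listener in 52-listen_relp.conf.j2 accepts connections on port 20514 with no TLS and no peer restriction, and the `$AllowedSender` line in 53-listen_switches.conf.j2 names UDP only, so it does not cover this input. As written, any host that can reach the port can write into the central logs, and client logs cross the network unencrypted. If access is limited by a firewall outside this role, a comment saying so would help, e.g. `# No TLS/peer check here: access to 20514 is restricted by <firewall rule, placeholder>`. Otherwise the `input(type="imrelp" ...)` form with imrelp's `tls` and `tls.permittedPeer` parameters lets the server authenticate senders, with a matching change needed in the rsyslog-client role.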
@@ -0,0 +1,8 @@
+{{ ansible_header | comment }}
+
+# Réception en udp: pour les switchs seulement
+# et les bornes wifi
+$ModLoad imudp
+$UDPServerRun 514
+
+$AllowedSender UDP, 127.0.0.1, *.adm.crans.org, 172.16.10.0/24, *.infra.crans.org, 172.16.33.0/24, 172.16.34.0/24
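Review bot: The `$AllowedSender` list in 53-listen_switches.conf.j2 is wider than the comment above it: the comment says UDP reception is for switches and Wi-Fi access points only, yet the list also admits `*.adm.crans.org`, `*.infra.crans.org` and `172.16.10.0/24`. The two wildcard entries are resolved through reverse DNS, so acceptance depends on whoever controls the PTR record for a source address, and UDP source addresses can be forged in any case. If only the device subnets used in 30-cablage.conf.j2 are meant, `$AllowedSender UDP, 127.0.0.1, 172.16.33.0/24, 172.16.34.0/24` matches the comment; otherwise the comment should name the extra senders and why they need UDP.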