diff --git a/roles/bastionhost/tasks/system_setup/rsyslog_forwarding.yml b/roles/bastionhost/tasks/system_setup/rsyslog_forwarding.yml
index 67d9850..dd17565 100644
--- a/roles/bastionhost/tasks/system_setup/rsyslog_forwarding.yml
+++ b/roles/bastionhost/tasks/system_setup/rsyslog_forwarding.yml
@@ -4,14 +4,6 @@
 name: rsyslog-gnutls # For TLS support
 state: present

-- name: Bastionhost | rsyslog forwarding | Ensure rsyslog GELF module is installed (on RedHat family)
- ansible.builtin.package:
- name: rsyslog-gelf # For Graylog Extended Log Format (GELF)
- state: present
- when:
- - log_forwarding_type == 'gelf'
- - ansible_os_family == "RedHat"
-
 - name: Bastionhost | rsyslog forwarding | Configure GELF forwarding for SSH logs (for Graylog)
 ansible.builtin.copy:
 dest: /etc/rsyslog.d/60-forward-ssh-logs.conf
@@ -20,8 +12,7 @@
 mode: '0644'
 content: |
 # This file is managed by Ansible
- # Forward sshd logs to a remote Graylog server using GELF over TLS
- module(load="omgelf")
+ # Forward sshd logs to a remote Graylog server using GELF (via omfwd) over TLS
 template(name="gelf" type="list") {
 constant(value="{\"version\": \"1.1\", \"host\": \"")
 property(name="hostname")
@@ -40,7 +31,7 @@

 # Filter for sshd messages and apply the action
 if $programname == 'sshd' then {
- action(type="omgelf"
+ action(type="omfwd"
 target="{{ log_forwarding_target }}"
 port="{{ log_forwarding_port | default(12201) }}"
 protocol="tcp"
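Review bot: The `gelf` template assembles JSON by concatenating constants with raw properties, and `property(name="hostname")` is emitted without JSON escaping, so a quote or backslash in a property value can break or reshape the record that reaches Graylog. sshd messages contain remote-supplied strings such as attempted usernames, which makes the message field the one that most needs escaping. I would write `property(name="hostname" format="json")` here and apply the same to the message property, which lies outside this hunk. The template body continues past the visible lines, so the remaining properties should be checked the same way.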
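Review bot: The file's header comment promises GELF over TLS, but the visible part of the `omfwd` action sets only `target`, `port` and `protocol="tcp"`, and nothing in this hunk shows a TLS stream driver or peer authentication. The action continues past the hunk, so confirm it carries `StreamDriver="gtls"`, `StreamDriverMode="1"` and `StreamDriverAuthMode="x509/name"` together with `StreamDriverPermittedPeers`; without them the bastion's SSH logs leave the host in cleartext or go to a receiver whose identity is never verified. `omfwd` also sends its default forwarding format unless the action names the template, so `template="gelf"` has to be present. Finally, the TCP frame delimiter must match what the Graylog GELF TCP input is configured to expect.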