diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 8a75dd84..b96d16c8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -9,7 +9,7 @@ name: ci
 
 jobs:
   lint-unit:
-    uses: sous-chefs/.github/.github/workflows/lint-unit.yml@3.0.0
+    uses: sous-chefs/.github/.github/workflows/lint-unit.yml@3.1.1
     permissions:
       actions: write
       checks: write
@@ -46,9 +46,9 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v4 # v4
       - name: Install Chef
-        uses: actionshub/chef-install@2.0.4
+        uses: actionshub/chef-install@3.0.0
       - name: Dokken
-        uses: actionshub/test-kitchen@2.1.0
+        uses: actionshub/test-kitchen@3.0.0
         env:
           CHEF_LICENSE: accept-no-persist
           KITCHEN_LOCAL_YAML: kitchen.dokken.yml
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e5ce1ecb..d7668d97 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,7 +6,16 @@ This file is used to list changes made in each version of the rsyslog cookbook.
 
 Standardise files with files in sous-chefs/repo-management
 
-Standardise files with files in sous-chefs/repo-management
+## 9.2.21 - *2024-05-02*
+
+## 9.2.20 - *2024-05-02*
+
+## 9.2.19 - *2024-02-02*
+
+## 9.2.18 - *2024-02-02*
+
+Make `$InputTCPMaxSessions` configurable via
+`node['rsyslog']['tcp_max_sessions']` attribute.
 
 ## 9.2.17 - *2023-12-21*
 
diff --git a/README.md b/README.md
index e157ef53..45f1ce30 100644
--- a/README.md
+++ b/README.md
@@ -73,6 +73,7 @@ See `attributes/default.rb` for default values.
 - `node['rsyslog']['rate_limit_interval']` - Value of the $SystemLogRateLimitInterval configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.
 - `node['rsyslog']['rate_limit_burst']` - Value of the $SystemLogRateLimitBurst configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.
 - `node['rsyslog']['action_queue_max_disk_space']` - Max amount of disk space the disk-assisted queue is allowed to use ([more info](http://www.rsyslog.com/doc/queues.html)).
+- `node['rsyslog']['tcp_max_sessions']` - Maximum number of TCP sessions (ie. clients) this rsyslog server will handle. Default is 200.
 - `node['rsyslog']['enable_tls']` - Whether or not to enable TLS encryption. When enabled, forces protocol to `tcp`. Default is `false`.
 - `node['rsyslog']['tls_driver']` -  Defaults to `ossl`.
 - `node['rsyslog']['tls_ca_file']` - Path to TLS CA file. Required for both server and clients.
diff --git a/attributes/default.rb b/attributes/default.rb
index 4701ce73..e417b217 100644
--- a/attributes/default.rb
+++ b/attributes/default.rb
@@ -50,6 +50,7 @@
                                                     'ossl'
                                                   end
 default['rsyslog']['action_queue_max_disk_space'] = '1G'
+default['rsyslog']['tcp_max_sessions']          = 200
 default['rsyslog']['tls_ca_file']               = nil
 default['rsyslog']['tls_certificate_file']      = nil
 default['rsyslog']['tls_key_file']              = nil
diff --git a/kitchen.yml b/kitchen.yml
index 0f41245c..994cbf57 100644
--- a/kitchen.yml
+++ b/kitchen.yml
@@ -77,6 +77,9 @@ suites:
       inspec_tests:
         - name: rsyslog-default-integration-tests
           path: test/integration/default
+    attributes:
+      rsyslog:
+        tcp_max_sessions: 123
 
   - name: input_file_resource
     attributes:
diff --git a/metadata.rb b/metadata.rb
index fb92adf0..0d6071a6 100644
--- a/metadata.rb
+++ b/metadata.rb
@@ -3,7 +3,7 @@
 maintainer_email  'help@sous-chefs.org'
 license           'Apache-2.0'
 description       'Installs and configures rsyslog'
-version           '9.2.17'
+version           '9.2.21'
 source_url        'https://github.com/sous-chefs/rsyslog'
 issues_url        'https://github.com/sous-chefs/rsyslog/issues'
 chef_version      '>= 15.3'
diff --git a/templates/default/rsyslog.conf.erb b/templates/default/rsyslog.conf.erb
index 153fddfe..8e264587 100644
--- a/templates/default/rsyslog.conf.erb
+++ b/templates/default/rsyslog.conf.erb
@@ -44,6 +44,7 @@ $DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %>
 
 $ModLoad imtcp
 
+$InputTCPMaxSessions <%= node['rsyslog']['tcp_max_sessions'] || 200 %>
 $InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
 $InputTCPServerStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] || 'anon' %>
 $InputTCPServerRun <%= node['rsyslog']['port'] %>
@@ -51,6 +52,7 @@ $InputTCPServerRun <%= node['rsyslog']['port'] %>
   <% else -%>
 <% if node['rsyslog']['protocol'] =~ /tcp/ %>
   $ModLoad imtcp
+  $InputTCPMaxSessions <%= node['rsyslog']['tcp_max_sessions'] || 200 %>
   $InputTCPServerRun <%= node['rsyslog']['port'] %>
 <% end -%>
 <% if node['rsyslog']['protocol'] =~ /udp/ %>
diff --git a/test/integration/server/controls/server_spec.rb b/test/integration/server/controls/server_spec.rb
index a6cd266c..8a06ea98 100644
--- a/test/integration/server/controls/server_spec.rb
+++ b/test/integration/server/controls/server_spec.rb
@@ -1,4 +1,9 @@
 control 'server' do
+  describe file '/etc/rsyslog.conf' do
+    it { should be_file }
+    its(:content) { should match /^\$InputTCPMaxSessions 123$/ }
+  end
+
   describe file '/etc/rsyslog.d/35-server-per-host.conf' do
     it { should be_file }
   end