I am currently facing an issue in sending data through collector sidecar using beats with SSL setup.
Consider this as our scenario,
I have two instances in which first instance have only running collector sidecar and the second instance are running Graylog application with SSL setup.
I am trying to collect and send data from first instance collector_sidecar to my second instance graylog application and in which I made the changes in collector_sidecar.yml by giving the server URL as (https://graylogserver.com:9000/api/) and after restarting the collector sidecar in first instance I got an error by saying graylog-certificate.pem & graylogkey.pem files were not found in the directory, so then I copied those two files from second instance and kept in the respective path of the first instance and then file not found issue were resolved, but now I am currently getting the below error something related to certificate format,
time="2017-12-11T18:02:09Z" level=error msg="[UpdateRegistration] Failed to report collector status to server: Put https://graylogserver.com:9000/api/plugins/org.graylog.plugins.collector/collectors/a61675b7-17f3-4b20-8a0c-9d1b929bb53b: x509: certificate signed by unknown authority" time="2017-12-11T18:02:15Z" level=error msg="[RequestConfiguration] Fetching configuration failed: Get https://graylogserver.com:9000/api/plugins/org.graylog.plugins.collector/a61675b7-17f3-4b20-8a0c-9d1b929bb53b?tags=%5B%22linux%22%2C%22apache%22%2C%22graylogserver%22%5D: x509: certificate signed by unknown authority"
Any help would be really appreciated…
First instance collector_sidecar.yml file,
server_url: https://graylogserver.com:9001/api/ update_interval: 10 tls_skip_verify: false send_status: true list_log_files: node_id: graylog-collector-sidecar_dev collector_id: file:/etc/graylog/collector-sidecar/collector-id cache_path: /var/cache/graylog/collector-sidecar log_path: /var/log/graylog/collector-sidecar log_rotation_time: 86400 log_max_age: 604800 tags: - linux - apache - graylogserver backends: - name: nxlog enabled: false binary_path: /usr/bin/nxlog configuration_path: /etc/graylog/collector-sidecar/generated/nxlog.conf - name: filebeat enabled: true binary_path: /usr/bin/filebeat configuration_path: /etc/graylog/collector-sidecar/generated/filebeat.yml
Filebeat also got generated in the respective configuration_path,
filebeat: prospectors: - encoding: plain exclude_lines: - Ticket fields: collector_node_id: graylog-collector-sidecar data: example.org gl2_source_collector: a61675b7-17f3-4b20-8a0c-9d1b929bb53b type: log ignore_older: 0 paths: - /home/ubuntu/*.csv scan_frequency: 10s tail_files: false type: log output: logstash: hosts: - graylogserver.com:5044 ssl: certificate: /etc/graylogserver/cluster1/graylog-certificate.pem key: /etc/graylogserver/cluster1/graylogkey.pem verification_mode: none path: data: /var/cache/graylog/collector-sidecar/filebeat/data logs: /var/log/graylog/collector-sidecar tags: - linux - apache - graylogserver
Please correct me If I am doing anything wrong in the setup.