Hi All,
Here my conf:
- OS : CentOS 7
- Graylog : 2.3.0
- Elasticsearch 2.4.5
- MonoDB : 2.6.12
- Https enables using : http://docs.graylog.org/en/2.2/pages/configuration/https.html
Graylog works perfectly, whene i try to send Events Log witch Nxlog .But not with TLS enabled , I got this error message :
Here my INPUT :
bind_address:0.0.0.0
decompress_size_limit:8388608
max_message_size:2097152
override_source:<empty>
port:12201
recv_buffer_size:1048576
tcp_keepalive:false
tls_cert_file:/etc/pki/tls/certs/nxlog.crt
tls_client_auth:required
tls_client_auth_cert_file:/etc/pki/tls/certs/nxlog-ca.crt
tls_enable:true
tls_key_file:/etc/pki/tls/private/nxlog.key
tls_key_password:********
use_null_delimiter:true
I used this post to create the TLS certificate :
nxlog.conf :
define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log
Module xm_gelf
Module im_msvistalog Exec if ($TargetUserName == 'SYSTEM') OR ($EventType == 'VERBOSE') drop();
Module om_ssl Host graylog.labs Port 12201 CAFile c:\nxlog-ca.crt OutputType GELF_TCP
<Route 1>
Path in => out
Any idea ?
Thanks for you help.