Input TLS configuration


#1

Hi All

Apologies if I should have been able to google this with a simple query, but I am not sure about some of the information I found.

I am running various flavours of Linux which I would like to be able to send the logs via TLS, installed version of Graylog is 2.2.3+7adc951 on a Centos 7.3 box.

On the Graylog box can I use a standard signed SSL cert for Apache or do I need to convert it? the same for the clients? I am trying to avoid having to setup my own CA.

I am using rsyslog from each client, is there any specific configuration that needs to be done for the . @@graylog.example.org:514;RSYSLOG_SyslogProtocol23Format which I add in to the /etc/rsyslog.d/ configuration file?

If anyone got any ideas or suggestions to share then I would really appreciate it.

Regards


(Jochen) #2

See http://docs.graylog.org/en/2.2/pages/configuration/https.html.

Yes, you need to configure TLS in rsyslog: http://www.rsyslog.com/doc/v8-stable/tutorials/tls_cert_summary.html


#3

Sweet many thanks for clarifying that