I’m new to all of this and it is still unclear after reading the docs what needs to be configured with respect to TLS when using a local nginx reverse proxy to terminate connections.
So Beats cannot go through nginx, meaning that the GL server has to have port 5044 listening on its external interface so Beats can connect directly to it?
I’m not sure…
If you set some fixed load-balancing method in nginx, it can handle TLS logs.
I use syslog with TLS, where nginx only does the load balancing and Graylog does the TLS. So I think if you configure it as a stream in nginx, you can do the balancing, but not more, because the traffic is encrypted.
But also, as far as I know, Beats supports load balancing, so maybe you don’t need to use a proxy for that traffic.
Think about it again.
If you want nginx to open the TLS, you have to choose a protocol that nginx can handle.
Try HTTP :) or check the nginx docs.
It can put SSL on a stream.
// The Best firewall is the one cm air between the ethernet cable and NIC.
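
The two nginx `stream` arrangements discussed in the replies above, shown side by side as an added example that is not part of the thread or of the Graylog documentation. Only port 5044 comes from the thread; the backend addresses, the other ports and the certificate paths are assumptions.

```nginx
# Added example. Place at the top level of nginx.conf (not inside http {}).
# Requires nginx built with the stream module; Option B also needs stream SSL support.
stream {
    # Fixed balancing method: a given client IP always lands on the same
    # Graylog node, so one TLS session is never split across backends.
    upstream graylog_beats_tls {
        hash $remote_addr consistent;
        server 10.0.0.11:5044;   # assumed Graylog node, Beats input with TLS enabled
        server 10.0.0.12:5044;   # assumed Graylog node, Beats input with TLS enabled
    }

    # Option A: TLS pass-through. nginx forwards the encrypted bytes untouched;
    # the certificate and key live on the Graylog input, which terminates TLS.
    server {
        listen 5044;
        proxy_pass graylog_beats_tls;
    }

    # Backends for Option B: Beats inputs listening without TLS (assumed port 5045).
    upstream graylog_beats_plain {
        hash $remote_addr consistent;
        server 10.0.0.11:5045;
        server 10.0.0.12:5045;
    }

    # Option B: nginx terminates TLS. Shippers connect to 5046 with TLS and
    # nginx hands the decrypted stream to the plaintext inputs above.
    server {
        listen 5046 ssl;
        ssl_certificate     /etc/nginx/tls/logs.example.crt;   # assumed path
        ssl_certificate_key /etc/nginx/tls/logs.example.key;   # assumed path
        ssl_protocols       TLSv1.2 TLSv1.3;
        proxy_pass graylog_beats_plain;
    }
}
```

In Option B the hop from nginx to Graylog is unencrypted, so keep it on loopback or a trusted segment, or add `proxy_ssl on;` to that server block and enable TLS on the backend input to re-encrypt it.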
You can use NXLog.
NXLog sends logs to a syslog relay (rsyslog) via TLS, then this relay sends logs to Graylog via TLS.
And NXLog is configured with Sidecar, which communicates with the Graylog API via HTTPS.