hey @Tom_at_lorman
Dont be fooled by the full path of the certificates,
This can be adjusted for example:
output.logstash:
# The Logstash hosts
hosts: ["192.168.1.100:5044"]
#sername: "admin"
# Optional SSL. By default is off.
# List of root certificates for HTTPS server verifications
ssl.certificate_authorities: ["C:\winlogbeat\ca.pem"]
# Certificate for SSL client authentication
ssl.certificate: "C:\winlogbeat\cert.pem"
# Client Certificate Key
ssl.key: "C:\winlogbeat\cert.key"
Ensure Winlogbeat has access to certificates.
Where every you decide to purtyour certificate/s that Windows node/instance can access them.
Winlogbeat → Graylog’s Input 5044 (SSL certificates can be used)
The Communication between Sidecar and Graylog will be secured if your API uses SSL .To secure the communication between the Collector and Graylog you just need to mark Enable TLS in your Beats Input.
This is found here.
https://go2docs.graylog.org/5-0/getting_in_log_data/graylog_sidecar.html
There are a lot of good references in the form.