Hi,
I am new to graylog and I hope you can answer my question or guide me in the right direction.
I have graylog installed and working on a vm server (ubuntu 16.04 lts server) and so far I have a few server where the rsyslog data is sent via udp with the following command on the client servers (ubuntu):
*.* @192.168.1.211:8515;RSYSLOG_SyslogProtocol23Format
This works fine.
Yet, how can I send the rsyslog data from our external servers (different location, over internet) that are not on the same local network? If I have servers located on a different location (colocation, hosted servers). For security reasons I can’t send the rsyslog data via udp or tcp unencrypted over the internet. Or, do I need to use “multiple graylog server setup” for this to work? One graylog server at each colocation (hosted).
Or is there a way to send the rsyslog data via ssh (encrypted) over the internet to the main graylog server?
Regards,
Markus