I currently have a Graylog server setup that is using gelf-tcp inputs to ingest logs from td-agents on various hosts but it has been pointed out that these are not using TLS.
I would like to set up self-signed certs and configure the td-agents to talk to the Graylog gelf-tcp input using TLS 1.2.
I had been having a hunt around online looking for examples of someone trying this out and haven’t located anything as yet. I noticed that my td-agent config is using “type copy” and I can’t see any TLS configuration for that plugin. I see a couple of other plugins that do but not sure which one is best when forwarding to a Graylog input directly, any ideas?