Hello everyone !
I ve a probleme of choosing the best way to send logs on a lan of entreprise !
well i want to send logs using udp because it faster
but i feel like i have to crypt it and then i ll have to use tcp !
, i heard about some technic using VPN and it must be others ?
what is the best way in your view to send data on big Lan ? why ? and how ?
N.B: i’am a verry beginner !
And thank u everyone for your help
anyone can help ? please ?
Hello,
I would recommend TCP in order to net loose any logs.
If some logs come from an insecure network like a DMZ I would use TLS (over TCP), but if hosts are in the same LAN as Graylog, TLS is quite useless.
If you have big firewalls which produce many logs (over than 2000 events per second) you could use UDP to not sature your network.
1 Like
thank you sir !
and i can’t get why tls is usless in one local network ?
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.