[
https://issues.apache.org/jira/browse/NIFI-1227?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bryan Bende updated NIFI-1227:
------------------------------
Attachment: NIFI-1227.patch
Attaching a patch which adds TLS support to both syslog processors. Each
processor now has a SSLContextService property which will enable TLS.
Validation prevents setting the service and choosing UDP so that it can only be
used with TCP.
One downside that I can't seem to figure out is related to the error handling.
For example, on the put side if I send a message without a context service set
to a syslog server listening with TLS, it still goes through but the syslog log
shows it couldn't read the message. Same thing on listening side, if listening
without a context service and a message is sent from a TLS forwarder, we
receive it but the payload is encrypted and can't be parsed so routed to
invalid. Not sure what else we can do here, but wanted to note these scenarios.
> ListenSyslog should support TLS
> -------------------------------
>
> Key: NIFI-1227
> URL: https://issues.apache.org/jira/browse/NIFI-1227
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 0.4.0
> Reporter: Andre
> Assignee: Bryan Bende
> Attachments: NIFI-1227.patch
>
>
> It would be good if the ListenSyslog supported TLS as described here:
> http://www.rsyslog.com/doc/v8-stable/tutorials/tls_cert_summary.html
> and
> https://www.balabit.com/sites/default/files/documents/syslog-ng-ose-latest-guides/en/syslog-ng-ose-guide-admin/html/procedure-configuring-tls-server.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
