Hi, I have installed and setyup the Dockerised Graylog on an AWS ec2 instance and able to access the the Graylog server from the web, Launched a Syslog TCP Port ,
Launched another instance with apache (httpd) and by configuring in rsyslog.conf able to send the apache logs to Graylog server . Now i'm trying to - secure the sending logs to graylog server - To send the logs from client to GRAYLOG server we cofigure rsyslog.conf with template *.* @graylog.example.org:514 , so if somebody in our team have done the same configuration that client also will send the log messages to the graylog server. so it shouldn't be happen. We should have to maintain secure access (like from the client side if we want to send the logs we should need some permission or access). Sending of log also should be secure or else if everybody will be sending logs to that same port and there will be a mess up, right. So sending of logs should be secure - how can we secure the sending logs? i have posted this previously and got the reply as - *rsyslog and Graylog support sending logs via TLS which also includes client certificate verification.* But i was not familiar with that & asked in detail and got reply with these links - http://www.rsyslog.com/doc/v8-stable/tutorials/tls_cert_summary.html http://www.rsyslog.com/doc/v8-stable/tutorials/tls.html Here i've setup the dockerised graylog and here these links explaining to setup CA and generate certifacates to machines, so can you please explain the process to do in steps. Thanks and Regards Ranga -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/b56cdc37-b96d-44a2-b094-06889e18b198%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
