1

I have a bunch of linux servers configured to push logs to another fluentd server using the fluent-secure-output plugin. Now I'd like to configure our windows servers using nxlogs.

I read a bit on the om_ssl nxlogs module, but I am puzzled about the shared key. Basically, fluentd's secure-output plugin requires a shared key to be identical everywhere for authentication (this is not tied to the certificates at all). But I can't see how I could specify this key in nxlog's om_ssl configuration.

Is this even supported at all? Is it possible to use nxlogs to forward to an ssl fluentd server?

Joe
  • 2,496
  • 1
  • 22
  • 30

2 Answers2

1

It looks like they have their own authentication protocol over TLS that uses shared_keys (i.e. passphrase) on the client side instead of using private keys. I don't know why that is needed but NXLog and most other log aggregator solutions (rsyslog, syslog-ng, logstash, etc) use plain TLS which can provide proper authentication for both the client and the server.

The protocol is described in their GitHub README and I doubt it will work with NXLog's om_ssl or anything else other than Fluentd's out_secure_forward.

b0ti
  • 2,319
  • 1
  • 18
  • 18
0

The Fluentd input/output plugin to forward fluentd messages over SSL with authentication, works only between the two plugin (which is actually the same one) using authentication by shared_key check from both of client(out_secure_forward) and server(in_secure_forward).

So unfortunately you can't sent it through your nxlog only through out_secure_forward.

dorony
  • 1,008
  • 1
  • 14
  • 31