Log Forwarder - r-syslog TLS Encryption

Question

Good day to all,&nbsp;We are working on the configuration of TLS rsyslog service encryption and decided to try with a self-signed certificate. We walked through this manual: RSyslog Documentation - rsyslog (created a CA, issued certificates, keys, etc.) but had no success. We did the configuration only on the server side (log forwarder) and not on the client. The log source is a Cortex XDR cloud platform, so we cannot configure anything on its side.&nbsp;From the Cortex XDR manual:&nbsp;"If your Syslog receiver uses a self-signed CA,&nbsp;Browse&nbsp;and upload your self-signed Syslog receiver CA."We uploaded the certificate, but it doesn't. work. Cortex XDR cannot verify the connection.Forwarding unencrypted logs works perfectly.&nbsp;&nbsp;Has anybody configured TLS rsyslog?&nbsp;&nbsp;I would kindly appreciate any advice on it.&nbsp;

mikhailf · Answer

I don't believe that nobody but only me has this issue with the TLS configuration of rsyslog.

azlab051 · Answer

Did you find the solution for this ?

mikhailf · Answer

Unfortunately, no, I didn't.&nbsp;But when it is possible, we use API to pull data from 3rd party systems.

Forum Discussion

Log Forwarder - r-syslog TLS Encryption

3 Replies

Resources