Microsoft Tech Community

Sentinel Syslog over TLS Forwarder


Hello Microsoft Techcommunity, 

 

Has anybody succeeded in building a Sentinel Syslog forwarder that accepts Syslog over TLS?

I've tried several times with self-signed certificates but didn't succeed.

This: Using TLS for receiving log messages - rsyslog, this: Rsyslog TLS configuration : Ubuntu simple step-by-step - Bing video and several other articles and videos are great, but didn't help.

 

Unfortunately, Microsoft doesn't provide any assistance with the TLS configuration because this is not their product (so why does it recommend using this?)

 

I would be more than happy if anyone can help with configuring Syslog over TLS NOT with a self-signed certificate but with a certificate purchased from a service like GoDaddy, DigiCert, etc.

2 Replies
Just a clarification: do you need certificate authentication or just TLS for securing the traffic?
TLS for securing the traffic.