35 lines
1.1 KiB
Text
35 lines
1.1 KiB
Text
[
|
|
{ type: install
|
|
message: <<EOM
|
|
If you want to run logstash-forwarder, add to /etc/rc.conf
|
|
|
|
logstash_forwarder_enable="YES"
|
|
|
|
Do not forget to edit your configuration file:
|
|
|
|
Default: ${PREFIX}/etc/logstash-forwarder.conf
|
|
|
|
Key points
|
|
|
|
You'll need an SSL CA to verify the server (host) with.
|
|
You can specify custom fields for each set of paths in the config file.
|
|
Any number of these may be specified. I use them to set fields like type
|
|
and other custom attributes relevant to each log.
|
|
|
|
Generating an ssl certificate
|
|
|
|
Logstash supports all certificates, including self-signed certificates.
|
|
To generate a certificate, you can run the following command:
|
|
|
|
$ openssl req -x509 -batch -nodes -newkey rsa:2048 -keyout \
|
|
logstash-forwarder.key -out logstash-forwarder.crt -days 365
|
|
|
|
This will generate a key at logstash-forwarder.key and the 1-year valid
|
|
certificate at logstash-forwarder.crt. Both the server that is running
|
|
logstash-forwarder as well as the logstash instances receiving logs will
|
|
require these files on disk to verify the authenticity of messages.
|
|
|
|
PROTECT YOUR KEYS!
|
|
EOM
|
|
}
|
|
]
|