Logstash forwarders are used ship the log files from one server to centralized server. We use spacial protocol called lumberjack to ship the log files. In the centralized server we will run the logstash instance which takes the lumberjack input and applies the pattern to get the desired output.
Here SSL certificate and SSL Key attributes are mandatory , How can we generate this certificates in windows machine. Its not possible to create it in windows machine directly,in order to do this either we need to install openssl. We can create this certificate easily in linux or solaris easily by executing below command.
We can use the same certificates in windows machine but CN=mylogstash-server should be the server name where your logstash is running.We cannot specify IP address in CN Name, only valid host names to be given or create a host entry in windows.Once certificate is generated same key needs to be used in both logstash forwarder and logstash.
input { lumberjack { # Listening port port => 4500 # The paths to your ssl cert and key ssl_certificate => "logstash.crt" ssl_key => "logstash.key" # As per type of the log type => "somelogs" } }
Here SSL certificate and SSL Key attributes are mandatory , How can we generate this certificates in windows machine. Its not possible to create it in windows machine directly,in order to do this either we need to install openssl. We can create this certificate easily in linux or solaris easily by executing below command.
openssl req -x509 -batch -nodes -newkey rsa:2048 -keyout lumberjack.key -out lumberjack.crt -subj /CN=mylogstash-server
We can use the same certificates in windows machine but CN=mylogstash-server should be the server name where your logstash is running.We cannot specify IP address in CN Name, only valid host names to be given or create a host entry in windows.Once certificate is generated same key needs to be used in both logstash forwarder and logstash.