Fluentd
0.12
0.121.0
0.12
0.121.0
  • Introduction
  • Overview
    • Getting Started
    • Installation
    • Life of a Fluentd event
    • Support
    • FAQ
  • Use Cases
    • Centralized App Logging
    • Monitoring Service Logs
    • Data Analytics
    • Connecting to Data Storages
    • Stream Processing
    • Windows Event Collection
    • IoT Data Logger
  • Configuration
    • Config File Syntax
    • Routing Examples
    • Recipes
  • Deployment
    • Logging
    • Monitoring
    • Signals
    • RPC
    • High Availability Config
    • Failure Scenarios
    • Performance Tuning
    • Plugin Management
    • Trouble Shooting
    • Secure Forwarding
    • Fluentd UI
    • Command Line Option
  • Container Deployment
    • Docker Image
    • Docker Logging Driver
    • Docker Compose
    • Kubernetes
  • Input Plugins
    • tail
    • forward
    • secure_forward
    • udp
    • tcp
    • http
    • unix
    • syslog
    • exec
    • scribe
    • multiprocess
    • dummy
    • Others
  • Output Plugins
    • file
    • s3
    • kafka
    • forward
    • secure_forward
    • exec
    • exec_filter
    • copy
    • geoip
    • roundrobin
    • stdout
    • null
    • webhdfs
    • splunk
    • mongo
    • mongo_replset
    • relabel
    • rewrite_tag_filter
    • Others
  • Buffer Plugins
    • memory
    • file
  • Filter Plugins
    • record_transformer
    • grep
    • parser
    • stdout
  • Parser Plugins
    • regexp
    • apache2
    • apache_error
    • nginx
    • syslog
    • ltsv
    • csv
    • tsv
    • json
    • multiline
    • none
  • Formatter Plugins
    • out_file
    • json
    • ltsv
    • csv
    • msgpack
    • hash
    • single_value
  • Developer
    • Plugin Development
    • Community
    • Mailing List
    • Source Code
    • Bug Tracking
    • ChangeLog
    • Logo
  • Articles
    • Store Apache Logs into MongoDB
    • Apache To Riak
    • Store Apache Logs into Amazon S3
    • Before Install
    • Cep Norikra
    • Collect Glusterfs Logs
    • Common Log Formats
    • Docker Logging Efk Compose
    • Docker Logging
    • Filter Modify Apache
    • Forwarding Over Ssl
    • Free Alternative To Splunk By Fluentd
    • Data Collection to Hadoop (HDFS)
    • Data Analytics with Treasure Data
    • Install By Chef
    • Install By Deb
    • Install By Dmg
    • Install By Gem
    • Install By Rpm
    • Install From Source
    • Install On Beanstalk
    • Install On Heroku
    • Java
    • Kinesis Stream
    • Kubernetes Fluentd
    • Monitoring by Prometheus
    • Monitoring by Rest Api
    • Nodejs
    • Performance Tuning Multi Process
    • Performance Tuning Single Process
    • Perl
    • Php
    • Python
    • Quickstart
    • Raspberrypi Cloud Data Logger
    • Recipe Apache Logs To Elasticsearch
    • Recipe Apache Logs To Mongo
    • Recipe Apache Logs To S3
    • Recipe Apache Logs To Treasure Data
    • Recipe Cloudstack To Mongodb
    • Recipe Csv To Elasticsearch
    • Recipe Csv To Mongo
    • Recipe Csv To S3
    • Recipe Csv To Treasure Data
    • Recipe Http Rest Api To Elasticsearch
    • Recipe Http Rest Api To Mongo
    • Recipe Http Rest Api To S3
    • Recipe Http Rest Api To Treasure Data
    • Recipe Json To Elasticsearch
    • Recipe Json To Mongo
    • Recipe Json To S3
    • Recipe Json To Treasure Data
    • Recipe Nginx To Elasticsearch
    • Recipe Nginx To Mongo
    • Recipe Nginx To S3
    • Recipe Nginx To Treasure Data
    • Recipe Syslog To Elasticsearch
    • Recipe Syslog To Mongo
    • Recipe Syslog To S3
    • Recipe Syslog To Treasure Data
    • Recipe Tsv To Elasticsearch
    • Recipe Tsv To Mongo
    • Recipe Tsv To S3
    • Recipe Tsv To Treasure Data
    • Ruby
    • Scala
    • Splunk Like Grep And Alert Email
Powered by GitBook
On this page
  • Overview
  • Setup: Receiver
  • Setup: Sender
  • Confirm: Send an Event Over SSL
  • Resources

Was this helpful?

  1. Articles

Forwarding Over Ssl

PreviousFilter Modify ApacheNextFree Alternative To Splunk By Fluentd

Last updated 5 years ago

Was this helpful?

Overview

This is a quick tutorial on how to use the to enable SSL for Fluentd-to-Fluentd data transport.

It is intended as a quick introduction. For comprehensive documentation, including parameter definitions, please checkout out the and .

Setup: Receiver

First, install the secure forward plugin.

  • Fluentd: gem install fluent-plugin-secure-forward

  • td-agent v2:

    /usr/sbin/td-agent-gem install fluent-plugin-secure-forward

  • td-agent v1:

    /usr/lib/fluent/ruby/bin/fluent-gem install fluent-plugin-secure-forward

Then, set up the configuration file as follows:

<source>
  @type secure_forward
  shared_key YOUR_SHARED_KEY
  self_hostname server.fqdn.local
  cert_auto_generate yes
</source>

<match secure.**>
  @type stdout
</match>

Then, (re)start Fluentd/td-agent.

Setup: Sender

First, install the secure forward plugin.

  • Fluentd: fluent-gem install fluent-plugin-secure-forward

  • td-agent v2:

    /usr/sbin/td-agent-gem install fluent-plugin-secure-forward

  • td-agent v1:

    /usr/lib/fluent/ruby/bin/fluent-gem install fluent-plugin-secure-forward

Then, set up the configuration file as follows:

<source>
  @type forward
</source>

<match secure.**>
  @type secure_forward
  shared_key YOUR_SHARED_KEY
  self_hostname "#{Socket.gethostname}"
  <server>
    host RECEIVER_IP
    port 24284
  </server>
</match>

Then, (re)start td-agent.

Confirm: Send an Event Over SSL

On the sender machine, run the following command using fluent-cat

  • Fluentd:

    echo '{"message":"testing the SSL forwarding"}' | fluent-cat --json secure.test

  • td-agent v2:

    echo '{"message":"testing the SSL forwarding"}' | /opt/td-agent/embedded/bin/fluent-cat --json secure.test

  • td-agent v1:

    echo '{"message":"testing the SSL forwarding"}' | /usr/lib/fluent/ruby/bin/fluent-cat --json secure.test

Now, checking the receiver's Fluentd's log (for td-agent, this would be /var/log/td-agent/td-agent.log), there should be a line like this:

2014-10-21 18:18:26 -0400 secure.test: {"message":"testing the SSL forwarding"}

Resources

The <match> clause is there to print out the forwarded message into STDOUT (which is fed into var/log/td-agent/td-agent.log for td-agent) using .

The <source> clause is there to feed test data into Fluentd using . Make sure that YOUR_SHARED_KEY is same with the receiver's.

If this article is incorrect or outdated, or omits critical information, please . is a open source project under . All components are available under the Apache 2 License.

secure forward plugin
out_secure_forward
in_secure_forward
out_stdout
in_forward
in_secure_forward
out_secure_forward
the secure forward plugin's GitHub repo
let us know
Fluentd
Cloud Native Computing Foundation (CNCF)