# Secure Forwarding
## Overview
This is a quick tutorial on how to use the [secure forward plugin](https://github.com/fluent/fluentd-docs-gitbook/tree/507e377b7e8e78a312dc49e76bd9a302c33fd058/github.com/tagomoris/fluent-plugin-secure-forward/README.md) to **enable SSL for Fluentd-to-Fluentd data transport**.
It is intended as a quick introduction. For comprehensive documentation, including parameter definitions, please checkout out the [out\_secure\_forward](broken://pages/-LS2EqvMty2tW2x72u4O) and [in\_secure\_forward](broken://pages/-LR7PNxp98p8lLcWeFIa).
## Setup: Receiver
First, install the secure forward plugin.
* Fluentd: `gem install fluent-plugin-secure-forward`
* td-agent v2:
`/usr/sbin/td-agent-gem install fluent-plugin-secure-forward`
* td-agent v1:
`/usr/lib/fluent/ruby/bin/fluent-gem install fluent-plugin-secure-forward`
Then, set up the configuration file as follows:
```
@type secure_forward
shared_key YOUR_SHARED_KEY
self_hostname server.fqdn.local
cert_auto_generate yes
@type stdout
```
The `` clause is there to print out the forwarded message into STDOUT (which is fed into `var/log/td-agent/td-agent.log` for td-agent) using [out\_stdout](broken://pages/-LR7PNyBmzLJzywBPLgR).
Then, (re)start Fluentd/td-agent.
## Setup: Sender
First, install the secure forward plugin.
* Fluentd: `fluent-gem install fluent-plugin-secure-forward`
* td-agent v2:
`/usr/sbin/td-agent-gem install fluent-plugin-secure-forward`
* td-agent v1:
`/usr/lib/fluent/ruby/bin/fluent-gem install fluent-plugin-secure-forward`
Then, set up the configuration file as follows:
```
@type forward
@type secure_forward
shared_key YOUR_SHARED_KEY
self_hostname "#{Socket.gethostname}"
host RECEIVER_IP
port 24284
```
The `` clause is there to feed test data into Fluentd using [in\_forward](broken://pages/-LT-Ygoo0Q0rcub1BgFs). Make sure that `YOUR_SHARED_KEY` is same with the receiver's.
Then, (re)start td-agent.
## Confirm: Send an Event Over SSL
On the sender machine, run the following command using `fluent-cat`
* Fluentd:
`echo '{"message":"testing the SSL forwarding"}' | fluent-cat --json secure.test`
* td-agent v2:
`echo '{"message":"testing the SSL forwarding"}' | /opt/td-agent/embedded/bin/fluent-cat --json secure.test`
* td-agent v1:
`echo '{"message":"testing the SSL forwarding"}' | /usr/lib/fluent/ruby/bin/fluent-cat --json secure.test`
Now, checking the receiver's Fluentd's log (for td-agent, this would be `/var/log/td-agent/td-agent.log`), there should be a line like this:
```
2014-10-21 18:18:26 -0400 secure.test: {"message":"testing the SSL forwarding"}
```
## Resources
* [in\_secure\_forward](broken://pages/-LR7PNxp98p8lLcWeFIa)
* [out\_secure\_forward](broken://pages/-LS2EqvMty2tW2x72u4O)
* [the secure forward plugin's GitHub repo](https://github.com/fluent/fluentd-docs-gitbook/tree/507e377b7e8e78a312dc49e76bd9a302c33fd058/github.com/fluent/fluent-plugin-secure-forward/README.md)
If this article is incorrect or outdated, or omits critical information, please [let us know](https://github.com/fluent/fluentd-docs-gitbook/issues?state=open). [Fluentd](http://www.fluentd.org/) is a open source project under [Cloud Native Computing Foundation (CNCF)](https://cncf.io/). All components are available under the Apache 2 License.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.fluentd.org/0.12/deployment/secure-forwarder.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.