TLS encryption and mutual authentication using syslog-ng Premium Edition
Collecting log messages is an essential part of managing, maintaining, and troubleshooting IT systems. Since your log messages can contain all kinds of sensitive information, you should make sure that they are kept safe. The easiest way to protect the log messages as they are transferred from your clients to your logserver is to authenticate and encrypt the connection between the client and the server.
This tutorial shows you step by step how to create the certificates required to authenticate your server and your clients, and how to configure syslog-ng Premium Edition (syslog-ng PE) to send your log messages over an encrypted connection. Installing syslog-ng PE is not covered; for details, see Chapter 3, Installing syslog-ng in .
The tutorial is organized as follows:
Section 1, Creating self-signed certificates describes how to create the certificates required to encrypt and authenticate the connection between your logserver and your clients. You can use this part of the tutorial even if you do not use syslog-ng PE, because it is independent of the logging application you use.
Section 2, Configuring syslog-ng PE describes how to configure syslog-ng PE on your clients and your logserver.
Procedure 3, Testing what you have done gives you tips on how to test your configuration to make sure it is really working.