[syslog-ng] Elastic 5 Support For More Than HTTP?

JONATHAN PRICE jonathan.price at raytheon.com
Thu Dec 7 23:00:03 UTC 2017


All,

A project I'm working on is wanting to leverage syslog-ng as our log 
shipper, but we're ideally wanting it to communicate with Elasticsearch 
5 over HTTPS or searchguard.  My understanding is current support is 
only for HTTP for Elastic 5.

Are there plans to add elastic 5 support for other client modes than 
HTTP anytime soon?  I'm fine just doing HTTP for now and switching to 
secured communications later.  If not, I'm okay spending a bit of time 
trying to get that working myself; I haven't delved too deep into the 
source, but the changes involving updates to the elastic module do not 
seem to be too too intensive and only include Java changes.  Is this a 
correct interpretation? It doesn't look like it would be too difficult 
to do, but since it hasn't been done I was wondering if there was 
something else involved I'm missing.

-- 
Thanks,
Jonathan Price
Associate Scientist, Cyber Security
Raytheon BBN Technologies



More information about the syslog-ng mailing list