This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Decrypting encrypted log traffic to the forwarder

Posted on 02-05-2024 12:57 PM
cmschelin
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

We have a Chronicle forwarder set up, and we plan to send logs to it. Logs will be sent over the internet, so we're looking to encrypt the syslog data coming from our servers (rsyslog for Linux, nxlog for Windows).

How do we ensure that the Chronicle forwarder unencrypts those logs before sending them up to the cloud?

2 1 125
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
DanHansen
Bronze 5
Bronze 5
Reply posted on --/--/---- --:-- AM

If I'm correct the forwarder encrypts data, sends it to Chronicle, Chronicle receives said data in encrypted form, catalogs it in encrypted form and stores it in encrypted form. In other words if the log is visible to you in Chronicle it is/was encrypted. Basing that logic on Google's Data Ingestion Overview

Top Solution Authors
View all