This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Sending Syslog data via Google Chronicle forwarder

Posted on 10-04-2024 02:17 AM
rahul7514
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

Hi 

If i am onboarding a log source via syslog using Chronicle forwarder , is it encrypted when in transit towards the Secops . 

Also if i want to onboard a log source which does not have internet connection ,how is this achievable ? 

0 3 1,052
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
cmorris
Staff
Reply posted on --/--/---- --:-- AM

Yes, traffic will be encrypted - https://cloud.google.com/chronicle/docs/data-ingestion-flow

For the second question, can the log source communicate with a forwarder?

0 Likes

Posted on --/--/---- --:-- AM
rahul7514
Bronze 4
Bronze 4
Reply posted on --/--/---- --:-- AM

Yes  @cmorris it can communicate with a forwarder.

Sorry 2 more doubt, does forwarder need to be on same network of the log source?? 

When sending 2 or more log via ingestion API  is there a necessary for different port? 

0 Likes

Posted on --/--/---- --:-- AM
cmorris
Staff
Reply posted on --/--/---- --:-- AM

Hi @rahul7514,

The forwarder needs to receive data from the log source, but shouldn't matter beyond that. Keep in mind the forwarder will need to also be able to talk to SecOps - https://cloud.google.com/chronicle/docs/install/install-forwarder#beforeyoubegin
For #2, no.

0 Likes
Top Solution Authors
View all