Table of Content
Table of Contents | ||||
---|---|---|---|---|
|
Overview
This document provides a method to create the certificate and key for CCE to process logs sent using the protocol TCP over TLS. This key is then used to configure devices that will be sending the logs with TCP over TLS protocol instead of unencrypted TCP or UDP. Usually these logs are sent to CCE on port 514.
Steps to Fetch Certificate and Key
First login to the CCE and run the command otmdoc -m to check the container status .
otmdoc -s logs-p command should be run next.Run the command cd /docker/config
Then ls to ensure that you see the file logstash_base_var.yml
Edit the file using the command vi logstash_base_var.yml
Update the line tcp over tls = false tothe line tcp over tls = true
Save the file in vi and exit vi.
Run exit command at last to exit from the container that you got into in step 2 above
Then restart cce-logs-processor by otmdoc -r cce-log-processor
Go into the container again using the step 2 above
then go into seceon-cce with help of command cd seceon-cce
then go into the logstash/config folder with the help of command cd logstash/config
then ls and you should see the file logserver.crt
You will also see the key as a file logserver.key
Copy these two files and use them to configure devices sending logs using tcp over tls.