Enrich logs with client certificate subject

When Logstash is secured with SSL mutual authentication, is it possible to have Logstash add the client certificate's subject as a field in an event before forwarding to Elasticsearch?

I don't think so. The SSL termination is negotiated well before the input ever receives the payload.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.