I am currently working on a project that involves securing log forwarding using encrypted UDP.
I have a specific use case where I need to forward logs from one server to another over encrypted UDP, and I'm seeking guidance on how to set up this configuration properly.
Use Case Summary:
I have two physically separated servers: server1 and server2, with a diode (One-Way UDP Data Transfer) in between. I would like to achieve the following setup:
Server1: Listen on port 514 for non-encrypted TCP syslog messages. These logs need to be forwarded to server2 on encrypted UDP (TCP TLS is not an option)
Server2: Receive logs from server1 on port 514 using encrypted UDP. And should be sent to Logstash.
I would greatly appreciate it if anyone in the community could provide guidance, tips, or even a sample configuration that demonstrates how to achieve this setup successfully.
Thank you in advance for your assistance. I look forward to your responses and insights.