How can I deny the log message sent by unknown source? Thanks

(Ryan) #1

Hello all,

I am receiving the Syslog using Logstash as Syslog server. My client machine sends the massage to Logstash server.

My question is how can I specify which one or more client machines are valid to avoid disallowed machine sends the syslog message to my Logstash server once he known my Logstash IP address and port?

I can't implement it via FILTERof Logstash because I am worry about performance issue. So I am looking for a internal mechanism of Logstash that can refuses unknown syslog likes IPTABLE before received by INPUT

Thanks a lot

(Magnus B├Ąck) #2

Apart from using filters Logstash has no functionality to reject connections from certain clients. Why not use the firewall for this?

(Ryan) #3

Thanks for your reply. If no internal mechanism, I will use firewall to implement this. Thanks a lot!

(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.