First off, not sure if this would fit better in the main logstash forum, as it's about the input plugin which doesn't seem to technically be part of logstash-forwarder.
So, logstash-forwarder allows me to specify SSL client certificates, but the jumberjack input plugin doesn't appear to do any validation of them, and in fact doesn't allow me to specify a CA or list of CAs to validate them against. What's going on here? Is this just not fully implemented yet? If I implement it and make a pull request would there be interest?
The current security model is Logstash Forwarder (client) will validate that the Logstash (server) it connects to is valid. The guarantee is that Logstash Forwarder will validate who it ships data to, so you won't leak sensitive data to malicious third parties.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.