I have a Nxlog agent sending windows event with om_tcp module to a Logstash without errors.
Now I am trying to implement more secure forwarding with SSL, there was no issues with the Nxlog agent, just configured with the om_ssl and restarted the service and nxlog agent got connection with the logstash at the other end.
Issues I have is with the Logstash because I can´t activate ssl_enable in my config-file.
Here´s what I wrote at the Input section:
input {
tcp {
codec => json_lines { charset => CP1252 }
port => "514"
ssl_enable => true
ssl_verify => false
ssl_cert => "/Elastic/logstash/cert/logstash-cert.cer"
tags => [ "tcpjson" ]
type => "nxlog"
}
}
And when I try to start the pipeline, it stop with these lines:
[2020-11-18T13:21:07,448][INFO ][logstash.javapipeline ][main] Pipeline terminated {"pipeline.id"=>"main"}
[2020-11-18T13:21:07,464][ERROR][logstash.agent ] Failed to execute action {:id=>:main, :action_type=>LogStash::ConvergeResult::FailedAction, :message=>"Could not execute action: PipelineAction::Reload, action_result: false", :backtrace=>nil}
Please help
Chris