5 comments

[ 1.6 ms ] story [ 28.1 ms ] thread
This reminds me of another log shipping tool, http://logio.org/ which I think recently added support for encryption as well.
Great work as usual, Ryan. Glad to see this make it out there!
TLS transport mapping for Syslog requires that you maintain both client & server certificates for authentication.

The point of requiring certificates for the client is so your server doesn't get spoofed logs.

That is correct. However, using and maintaining client certificates is a huge pain, especially for a massively multitenant service such as Heroku.

HTTP Basic Auth is quite a bit simpler as an authentication mechanism and, over TLS, is sufficiently secure.

You don't need a client certificate for rsyslog's tls transport.