Configure the TLS security in communications with the external SIEM server.
Enabled
Check this checkbox to use TLS security in communications with the external SIEM server.
When no proxy server is configured, communications with the SIEM server use the following protocols.
Enabled | Log forwarder communication with the SIEM server |
|---|---|
Checked | HTTPS |
Unchecked | HTTP |
After running the clusterctl proxy set command with the protocol parameter set to http, communications with the SIEM server use the following protocols.
Enabled | Log forwarder communication with the proxy | Proxy communication with the SIEM server |
|---|---|---|
Checked | HTTP | HTTPS |
Unchecked | HTTP | HTTP |
After running the clusterctl proxy set command with the protocol parameter set to https, communications bypass the proxy because Log forwarder does not support HTTPS communications with a proxy.
Enabled | Log forwarder communication with the SIEM server |
|---|---|
Checked | HTTPS |
Unchecked | HTTP |
Mandatory: No. When omitting this optional setting, TLS security is enabled by default.
Verify
Check this box to verify the TLS certificate of the external SIEM server.
Mandatory: No. When omitting this optional setting, the TLS certificate is not verified.
CA Certificate File
Click Select Files to import the CA certificate for validating the TLS certificate of the external SIEM server.
Mandatory: No. System certificates are used when omitting this optional setting.