CLM application log forwarding to Elasticsearch

Description

CLM application log forwarding to a remote Elasticsearch server is disabled by default. To enable CLM application-log forwarding to an Elasticsearch server, you configure the parameters in the nspmodulesloggingforwardingapplicationLogselasticsearch section of the CLM configuration file.

Activation and security

In order to activate Elasticsearch application-log forwarding, you must copy the required TLS certificate files from the Elasticsearch server to the following location on the CLM deployer host:

/opt/nsp/NSP-CN-DEP-release-ID/NSP-CN-release-ID/tls/fluent

If mTLS is enabled on the internal CLM interface, the following TLS files are required for the mutual authentication:

If basic TLS is enabled on the internal CLM interface, the root CA certificate file is mandatory, and the client files are optional.

The files transferred to the CLM deployer host must be named as follows:

During initialization, the CLM imports the required TLS certificates to the local trust store.