NSP application log forwarding to Elasticsearch
Description
NSP application log forwarding to a remote Elasticsearch server is disabled by default. To enable NSP application-log forwarding to an Elasticsearch server, you configure the parameters in the nsp—modules—logging—forwarding—applicationLogs—elasticsearch section of the NSP configuration file.
Activation and security
In order to activate Elasticsearch application-log forwarding, you must copy the required TLS certificate files from the Elasticsearch server to the following location on the NSP deployer host:
/opt/nsp/NSP-CN-DEP-release-ID/NSP-CN-release-ID/tls/fluent
If mTLS is enabled on the internal NSP interface, the following TLS files are required for the mutual authentication:
If basic TLS is enabled on the internal NSP interface, the root CA certificate file is mandatory, and the client files are optional.
The files transferred to the NSP deployer host must be named as follows:
During initialization, the NSP imports the required TLS certificates to the local trust store.