This repository has been archived by the owner on Sep 27, 2023. It is now read-only.

Encrypted log transport #13

Closed
adamely opened this issue May 14, 2012 · 5 comments

@adamely

adamely commented May 14, 2012

Ability for customers to receive logs via syslog over encrypted transport via stunnel or similar. Mentioned by Facebook InfoSec and a feature I'd personally like to see.

@archaelus
Contributor

Yup. We're on this one. We're currently building in support for http(s) drains, and that work will enable other drain types like syslog/tls to be added more easily in future.

Could you guys give us some guidance on how the SSL Cert side of things would work?

  • Would the logplex cluster use one cert as a client for all drains, or would we want to let people give us custom client certs to use?
  • What kind of verification settings would we require to accept a server cert on connection?
  • How would we roll a cert - for expiry or other reasons?

@jon-millett-sm

Any progress on this?

@archaelus
Contributor

Yes indeed. Logplex now has a framework for URL based drains and now supports https:// drains.

The protocol is documented in doc/README.http_drains.md and could be described as rfc5424 over HTTP POST.

If you're a Heroku customer and want early access to this feature, send me an email - geoff@heroku.com.

@archaelus
Contributor

We haven't implemented Syslog/TLS as we couldn't come up with a reasonable design that would a) let you verify that logplex was the client to your syslog server and b) would prevent other logplex users from connecting to you as a drain destination. https+basic auth does provide these features without a complicated client certificate scheme.

@archaelus
Contributor

HTTP drains seems to be the most reasonable answer here.
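
The two properties named in the thread for https + basic auth (only the log router can deliver to your endpoint, and a drain set up by another user is refused) come down to a per-drain credential check on the receiving side. The sketch below is an added example, not code from this thread or from logplex; the drain ids, user names, passwords and the `over_tls` flag are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

# Constructed sample data: one credential pair per drain, as the receiving
# endpoint would store it. All ids, users and passwords are hypothetical.
DRAIN_CREDENTIALS = {
    "drain-a": ("logplex-a", "s3cret-for-a"),
    "drain-b": ("logplex-b", "s3cret-for-b"),
}

def basic_header(user, password):
    """Build an Authorization header value (used here to make sample input)."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")

def parse_basic_auth(header):
    """Return (user, password) from an Authorization header, or None."""
    if not header:
        return None
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None  # not valid base64 or not valid UTF-8
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None

def _digest(value):
    # Hash first so compare_digest always sees equal-length inputs.
    return hashlib.sha256(value.encode("utf-8")).digest()

def authorize_drain_post(drain_id, auth_header, over_tls):
    """Accept a log POST only over TLS and with that drain's own credential."""
    if not over_tls:
        return False  # basic auth over plain HTTP would expose the secret
    expected = DRAIN_CREDENTIALS.get(drain_id)
    supplied = parse_basic_auth(auth_header)
    if expected is None or supplied is None:
        return False
    # Evaluate both comparisons so timing does not reveal which field failed.
    user_ok = hmac.compare_digest(_digest(supplied[0]), _digest(expected[0]))
    pass_ok = hmac.compare_digest(_digest(supplied[1]), _digest(expected[1]))
    return user_ok and pass_ok
```
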
