Papertrail

The revolution will be verbosely {,b}logged

Self-service protocol options

Posted by @lmarburger on

If you’ve ever needed to log from systems or services which don’t support TLS encryption, check out the new log destination options available today.

Every Papertrail log destination has always supported sending logs over TCP with TLS encryption or UDP without encryption. Some systems and services can’t use TLS encryption and can only send logs over plain text TCP. Accepting these logs used to require manual intervention on our part to flip the switch. More people have been requesting this change, so we added it as a self-service option that gives you control over how we listen for logs from your systems.

Adding a new log destination or editing an existing one will present new options to enable or disable any of the supported syslog protocols: TCP with TLS encryption, plain text TCP, and plain text UDP. All options use the same port number regardless of the protocol and encryption used.

Examples

Here are a few scenarios where these new options will be of use to you.

  • Security: Enable only the TCP/TLS option and we won’t listen for logs sent over plain text. [1]

  • Fastly: Logs drained from Fastly can only be sent over plain text TCP. After creating a new destination to use with Fastly, edit it, check the TCP: Plain text option, and configure your Fastly account to log to this destination.

  • Multiple Senders: Several systems using the same log destination can each be configured to log using the protocol and encryption that make sense for that system. Use a single destination for all of your systems.

  1. Because UDP is connectionless, it’s possible for a system to send unencrypted logs over the network even if Papertrail isn’t configured to accept logs over UDP. Disabling UDP on a destination will drop those logs, and they won’t make it into Papertrail, so you’ll know immediately that something isn’t configured correctly.
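The footnote's point is that the destination setting controls what is accepted, not what senders emit. As an added example (not Papertrail's code), the sketch below audits an rsyslog sender configuration and lists forwarding rules whose transport the destination is not set to accept. It assumes rsyslog senders; the host, port, sample config, function names and transport labels are constructed for illustration.

```python
import re

# Constructed sample rsyslog sender config; host and port are placeholders.
SAMPLE_CONF = '''
*.* @logs.example.com:12345
auth.* @@logs.example.com:12345
action(type="omfwd" target="logs.example.com" port="12345" protocol="tcp")
action(type="omfwd" target="logs.example.com" port="12345" protocol="tcp"
       StreamDriver="gtls" StreamDriverMode="1")
action(type="omfwd" target="logs.example.com" port="12345")
action(type="omfile" file="/var/log/local.log")
'''

LEGACY_RE = re.compile(r'^[ \t]*[^\s#]\S*[ \t]+(@{1,2})([^\s@]\S*)', re.M)
ACTION_RE = re.compile(r'\baction\s*\((.*?)\)', re.S | re.I)
PARAM_RE = re.compile(r'(\w+)\s*=\s*"([^"]*)"')


def classify_forwarders(conf):
    """Return [(target, transport)] for every forwarding rule, in file order."""
    found = []
    for m in LEGACY_RE.finditer(conf):
        # "@host" is UDP. "@@host" is TCP; whether it is TLS depends on
        # $ActionSendStreamDriverMode elsewhere, so it is left for review.
        kind = "udp-plain" if m.group(1) == "@" else "tcp-unverified"
        found.append((m.start(), m.group(2), kind))
    for m in ACTION_RE.finditer(conf):
        p = {k.lower(): v for k, v in PARAM_RE.findall(m.group(1))}
        if p.get("type", "").lower() != "omfwd":
            continue
        if p.get("protocol", "udp").lower() == "udp":  # omfwd defaults to UDP
            kind = "udp-plain"
        else:
            # StreamDriverMode="1" means TLS-only on a TLS-capable driver.
            kind = "tcp-tls" if p.get("streamdrivermode") == "1" else "tcp-plain"
        target = "%s:%s" % (p.get("target"), p.get("port", "514"))
        found.append((m.start(), target, kind))
    return [(target, kind) for _, target, kind in sorted(found)]


def mismatches(conf, enabled):
    """Forwarders whose transport the destination is not set to accept."""
    return [f for f in classify_forwarders(conf) if f[1] not in enabled]


if __name__ == "__main__":
    # Destination with only the TCP/TLS option enabled.
    for target, kind in mismatches(SAMPLE_CONF, {"tcp-tls"}):
        print("not accepted by destination:", target, kind)
```

Any `udp-plain` entry reported here is the case the footnote describes: the sender keeps putting unencrypted logs on the network even though the destination drops them.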