SolarWinds.com Blog Contact Us
TECHNOLOGY
CAPABILITIES
LANGUAGES

Make Your Logs Work for You

The days of logging in to servers and manually viewing log files are over. SolarWinds® Papertrail™ aggregates logs from applications, devices, and platforms to a central location.

View Technology Info

FEATURED TECHNOLOGY

Kubenetes Cluster LoggingKubernetes LoggingAWS Log ManagementGC Log AnalyzerAWS LoggingDocker LoggingDocker SyslogHeroku LoggingLogging Tools for Azure App

Troubleshoot Fast and Enjoy It

SolarWinds® Papertrail™ provides cloud-based log management that seamlessly aggregates logs from applications, servers, network devices, services, platforms, and much more.

View Capabilities Info

FEATURED CAPABILITIES

Log ViewerFirewall Log AnalyzerCentralized Log ManagementLog AnalysisTail LoggingCron Job MonitoringLog AggregatorCloud Logging

Aggregate and Search Any Log

SolarWinds® Papertrail™ provides lightning-fast search, live tail, flexible system groups, team-wide access, and integration with popular communications platforms like PagerDuty and Slack to help you quickly track down customer problems, debug app requests, or troubleshoot slow database queries.

View Languages Info

FEATURED LANGUAGES

Linux Logging SoftwareLinux Log ManagementRuby Logging ManagerGolang LoggingHAproxy Log AnalyzerMySQL LoggingNGINX LoggingJavascript LoggingTomcat LoggingApache Log Analyzer
EVENT VIEWER
APM INTEGRATION
BUILT FOR COLLABORATION

Meet the Event Viewer

It's the heart of Papertrail.

Start Tour

TAKE A TOUR

Live TailSeek by TimeContextElegant SearchAPM IntegrationSkim-abilitySaved SearchesLog Velocity Analytics

TBD - APM Integration Title

TBD - APM Integration Description

TBD Link

APM Integration Feature List

Feature 1

TBD - Built for Collaboration Title

TBD - Built for Collaboration Description

TBD Link

Built for Collaboration Feature List

TIPS FROM THE TEAM

Tips from the Team

By engineers, for engineers

View More Tips

Additional Tips

Kubernetes LoggingMonitoring WordPress Error LogsA Guide to Log FilteringManaging and Analyzing Firewall LogsWhat Your Router Logs Say About Your NetworkHow to Diagnose App Issues Using Crash LogsDocker Container Logs5 Reasons LaaS Is Essential for Modern Log Management6 Secrets for Successful Log ManagementHow to Live Tail Docker Log

Technical Resources

Admin Guide Getting Started Release Notes

Educational Resources

Take a Tour Tips from the Team Use Cases

Connect with Us

THWACK Community Blog COVID-19 Resource Center
Blog > Retiring SSL 3.0

Retiring SSL 3.0

Posted by By telliott on May 20, 2015

Summary

On Friday, June 12, 2015, Papertrail will remove support for the outdated
security protocol SSL 3.0, which was released in 1996 and has since been
superseded by TLS.

TLS is automatically used by nearly all modern loggers that can send
encrypted log messages, so for the vast majority of customers this
change will have no impact. However, there are exceptions to this which
are explained in the next section.

In addition to this blog post, next week, we’ll directly email all
customers who we believe will or are likely to be affected.

Update: On May 29, 2015, the SSL 3.0 retirement date was changed from
June 5 to June 12.

What action do I need to take?

For clear text logging (which includes all UDP logging and some TCP
logging), no changes are necessary.

For those sending log messages in an encrypted form using nxlog, an
upgrade to 2.9.1347 will be needed. Other loggers may also be
affected, but at this time we aren’t aware of any. Next week,
we’ll directly email all customers who we believe will or may be
affected, and will work with anyone that needs help upgrading or
switching to an alternative logger that supports at least TLS 1.0.

If you’re concerned that you may be impacted, won’t be able to upgrade
affected senders by June 5th, or have other questions, please email us.

Why is this happening now?

On October 14, 2014, the POODLE vulnerability was publicly disclosed. It
described how a man-in-the-middle attack could be performed that
would reveal plain text data from an encrypted log packet transmitted
via SSL 3.0. This attack illustrates a fundamental flaw in the protocol
which cannot be properly patched. As a result, most vendors released
updates which disabled it.

In accordance with best security practices, Papertrail applied this
patch to all web servers and log ingestion points on the same day that
POODLE was announced. However, due to a misconfiguration, SSL 3.0
remained enabled on the latter and was deactivated in the last few weeks
as part of an unrelated patch.

This 2nd update was applied to each ingestion point over several days,
which meant that some syslog endpoints were patched while others weren’t. Due to DNS round robin, some nxlog clients would successfully connect to the unpatched endpoints while others would fail to connect to the patched.

After every ingestion point had been updated, it was discovered that
recent versions of nxlog only support encrypted logging via SSL 3.0 and
thus could not establish a secure connection to patched endpoints.

After speaking with customers, we decided to re-enable SSL 3.0 to
provide a reasonable amount of time for loggers to be upgraded. We will
be disabling SSL 3.0 again on June 5th.

If you have any questions, please email us.

What is Papertrail?

Hosted log management — log to the cloud

Recent Posts

Gaining full-stack visibility into Node.js applications
SolarWinds Observability helps you troubleshoot faster with New Log Patterns feature
The Next Generation of Papertrail is Here! 
Debugging 5 Common Networking Problems With Full Stack Logging
Logging and Debugging AWS Lamba
Live Render Log Monitoring with Papertrail

Related Posts

Datasheet Help Contact @papertrailapp Legal Documents California Privacy Rights Software Services Agreement Privacy Notice GDPR Resource Center SolarWinds Subscription Center COVID-19 Resource Center

© 2024 SolarWinds Worldwide, LLC. All rights reserved.