diff --git a/Vagrantfile b/Vagrantfile
index 5d2c526..2835604 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -56,11 +56,25 @@ Vagrant.configure("2") do |config|
systemctl restart rsyslog
fi
+ # Setup TLS
+ if [ ! -f /vagrant/tmp/ca_key.pem ]; then
+ echo "Generating TLS certificates..."
+ cd /vagrant/tmp
+ openssl req -newkey rsa:4096 \
+ -x509 \
+ -sha256 \
+ -days 3650 \
+ -nodes \
+ -out ca_cert.pem \
+ -keyout ca_key.pem \
+ -subj "/C=US/ST=Local/L=Local/O=Org/OU=IT/CN=example.com" \
+ 2> /dev/null
+ fi
+
# Install td-agent
cp /vagrant/td-agent.repo /etc/yum.repos.d/
yum check-update
yum install -y td-agent
- td-agent-gem install fluent-plugin-secure-forward
td-agent-gem install fluent-plugin-gelf-hs gelf
systemctl -q enable td-agent
diff --git a/td-agent-server.conf b/td-agent-server.conf
index a029c7f..d680300 100644
--- a/td-agent-server.conf
+++ b/td-agent-server.conf
@@ -1,12 +1,12 @@
- @type secure_forward
- shared_key test
- self_hostname 172.28.128.30
+ @type forward
port 2514
- secure true
- ca_cert_path /vagrant/tmp/ca_cert.pem
- ca_private_key_path /vagrant/tmp/ca_key.pem
- ca_private_key_passphrase test
+
+ version TLSv1_2
+ insecure true
+ cert_path /vagrant/tmp/ca_cert.pem
+ private_key_path /vagrant/tmp/ca_key.pem
+
diff --git a/td-agent.conf b/td-agent.conf
index dfd4ebe..03e8463 100644
--- a/td-agent.conf
+++ b/td-agent.conf
@@ -46,15 +46,11 @@
- @type secure_forward
- shared_key test
- self_hostname 172.28.128.31
- flush_interval 0s
- num_threads 2
- secure true
- ca_cert_path /vagrant/tmp/ca_cert.pem
-
+ @type forward
+ transport tls
+ tls_cert_path /vagrant/tmp/ca_cert.pem
+ name example.com
host 172.28.128.30
port 2514