On a Window 2012 server I'm collecting system events and then sending them to a remote server using OutputType GELF. This works fine on my serverrs behind a firewall however I have a AWS server that I would like to log and send logs over a TLS connection.

Here's what my working Output looks like:

<Output out>
    Module      om_udp
    Host        XXX.XXX.XXX.XXX
    Port        12201
    OutputType  GELF
</Output>

<Route 1>
    Path      insql, in => out
</Route>

I have tested configs like below without success, the SSL connection is made but no logs are sent and the machine just repeats connections over and over to my graylog server.

<Output out>
    Module      om_ssl
    Host        XXX.XXX.XXX.XXX
    Port        12201
    CAFile     %ROOT%\cert\ca.pem
    CertFile    %ROOT%\cert\client-cert.pem
    CertKeyFile    %ROOT%\cert\client-key.pem
    OutputType  GELF
</Output>

<Route 1>
    Path      insql, in => out
</Route>

Any ideas on how to proxy a "OutputType GELF" within a TLS/SSL connection?

Thanks,

Chipmunk