NXLog User Guide
- OS Support
- Enterprise Edition Reference Manual
- 143. Man Pages
- 144. Configuration
- 145. Language
- 146. Extension Modules
- 147. Input Modules
- 148. Processor Modules
- 148.1. Blocker (pm_blocker)
- 148.2. Buffer (pm_buffer)
- 148.3. Event Correlator (pm_evcorr)
- 148.4. Filter (pm_filter)
- 148.5. HMAC message integrity (pm_hmac)
- 148.6. HMAC message integrity checker (pm_hmac_check)
- 148.7. De-duplicator (pm_norepeat)
- 148.8. Null (pm_null)
- 148.9. Pattern matcher (pm_pattern)
- 148.10. Format converter (pm_transformer)
- 148.11. Timestamping (pm_ts)
- 149. Output Modules
- NXLog Manager
- NXLog Add-Ons
This module is the pair of pm_hmac to check message integrity.
|This module has been deprecated and will be removed in a future release.|
|To examine the supported platforms, see the list of installer packages in the Available Modules chapter.|
This mandatory directive specifies the path of the certificate file to be used to verify the signature of the initial hash value.
This directive sets the hash function. The following message digest methods can be used:
sha512. The default is
md5. This must be the same as the hash method used for creating the HMAC values.
This optional directive specifies the path to a directory containing certificate authority (CA) certificates, which will be used to verify the certificate. The certificate filenames in this directory must be in the OpenSSL hashed format. A remote’s self-signed certificate (which is not signed by a CA) can also be trusted by including a copy of the certificate in this directory.
This optional directive specifies the path of the certificate authority (CA) certificate, which will be used to verify the certificate. To trust a self-signed certificate presented by the remote (which is not signed by a CA), provide that certificate instead.
This optional directive specifies the path to a directory containing certificate revocation lists (CRLs), which will be consulted when checking the certificate. The certificate filenames in this directory must be in the OpenSSL hashed format.
This optional directive specifies the path of the certificate revocation list (CRL), which will be consulted when checking the certificate.
This directive accepts a comma-separated list of fields. These fields will be used for calculating the HMAC value. This directive is optional, and the
$raw_eventfield will be used if it is not specified.
The following fields are used by pm_hmac_check.
This configuration accepts log messages in the NXLog binary format. The HMAC values are checked, then the messages are written to file.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 <Input tcp> Module im_tcp ListenAddr 192.168.1.1:1514 InputType Binary </Input> <Processor hmac_check> Module pm_hmac_check CertFile %CERTDIR%/client-cert.pem CAFile %CERTDIR%/ca.pem # CRLFile %CERTDIR%/crl.pem HashMethod SHA1 </Processor> <Output file> Module om_file File "/var/log/msg" </Output> <Route tcp_to_file> Path tcp => hmac_check => file </Route>