All Collections
Logs Management
Security
How to ensure only whitelisted hosts can send logs
How to ensure only whitelisted hosts can send logs

Learn how to ensure only whitelisted hosts can send logs via any inputs

Kieran Southern avatar
Written by Kieran Southern
Updated over a week ago

Why you may want to only allow whitelisted hosts to send logs

Enabling only whitelisted hosts to send logs provides a higher level of security and control over the logging environment. This is because reducing log transmission to whitelisted hosts only reduces the available attack surface.

Additionally, another option to provide further security over your logging environment is to establish Logstash firewall configurations. This allows you to manage and restrict which IP addresses can send data to your stacks and which ports those restrictions apply to.

This ensures that only trusted and approved devices or systems can send logs, minimizing the risk of unauthorized access or potential security breaches. Also, in regulated industries or environments with strict compliance requirements, enabling only whitelisted hosts to transmit logs aids in meeting regulatory standards.

Whitelisted Hosts Sending Logs

To ensure authentication, when using an input such as Beats-SSL, we recommend checking that you have IP whitelisting enabled. Having this enabled will guarantee that only whitelisted hosts can send logs via any of the inputs.

What's next:

Did this answer your question?