You can use the VMware Aria Operations for Logs Web user interface to configure the VMware Aria Operations for Logs Agents and the Ingestion API to allow only SSL connections to the server.

The VMware Aria Operations for Logs API is normally reachable through HTTP on port 9000 and through HTTPS on port 9543. Both ports can be used by the VMware Aria Operations for Logs Agent or custom API clients. All authenticated requests require SSL, but unauthenticated requests, includingVMware Aria Operations for Logs agent ingestion traffic, can be performed with either. You can force all API request to use SSL connections. The option does not restrict syslog port 514 traffic or affect the VMware Aria Operations for Logs user interface, for which HTTP port 80 requests continue redirecting to HTTPS port 443.

Prerequisites

Verify that you are logged in to the VMware Aria Operations for Logs web user interface as a Super Admin user, or a user associated with a role that has the relevant permissions. See Create and Modify Roles for more information. The URL format of the web user interface is https://operations-for-logs-host, where operations-for-logs-host is the IP address or host name of the VMware Aria Operations for Logs virtual appliance.

Procedure

  1. Expand the main menu and navigate to Configuration > SSL.
  2. Under the API Server SSL, select Require SSL Connection.
  3. Click Save.

Results

VMware Aria Operations for Logs API allows only SSL connections to the server. Non-SSL connections are refused.