You can use the vRealize Log Insight Web user interface to configure the vRealize Log Insight Agents and the Ingestion API to allow only SSL connections to the server.

About this task

The vRealize Log Insight API is normally reachable through HTTP on port 9000 and through HTTPS on port 9543. Both ports can be used by the vRealize Log Insight Agent or custom API clients. All authenticated requests require SSL, but unauthenticated requests, including vRealize Log Insight Agent ingestion traffic, can be performed with either. You can force all API request to use SSL connections. This option does not restrict Syslog port 514 traffic and does not affect the vRealize Log Insight user interface, for which HTTP port 80 requests continue redirecting to HTTPS port 443.

Prerequisites

Verify that you are logged in to the vRealize Log Insight Web user interface as a user with the Edit Admin permission. The URL format is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.

Procedure

  1. Click the configuration drop-down menu icon and select Administration.
  2. Under Configuration, click SSL.
  3. Under the API Server SSL, select Require SSL Connection.
  4. Click Save.

Results

vRealize Log Insight API allows only SSL connections to the server. Non-SSL connections are refused.