The vRealize Log Insight Server rejects the connection with the Log Insight Agents when you try to send non-encrypted traffic.

Problem

When you attempt to use cfapi to send nonencrypted traffic, the vRealize Log Insight Server rejects your connection. The following error message appears in the Log Insight Agent log.

403 Forbidden.

Cause

vRealize Log Insight is configured to accept only SSL connections, but the Log Insight Agents are configured to use non-SSL connection.

Solution

You can configure vRealize Log Insight Server to accept non-SSL connections or configure the Log Insight Agents to send data through SSL cfapi protocol connection.

Procedure

  1. Configure vRealize Log Insight Server to accept non-SSL connection.
    1. Click the configuration drop-down menu icon and select Administration.
    2. Under Configuration, click SSL.
    3. Under the API Server SSL header, deselect Require SSL Connection.
    4. Click Save.
  2. Configure the Log Insight Agents to send data through SSL Cfapi protocol connection.
    1. Navigate to the folder containing the liagent.ini file.

      Operating system

      Path

      Linux

      /var/lib/loginsight-agent/

      Windows

      %ProgramData%\VMware\Log Insight Agent

    2. Open the liagent.ini file in any text editor.
    3. Change the ssl key in the [server] section of the liagent.ini file to yes and the protocol to cfapi.
      proto=cfapi
      ssl=yes
      
    4. Save and close the liagent.ini file.