[collectd] Collectd and data encryption

Melkor Lord melkor.lord at gmail.com
Fri Mar 6 15:53:32 CET 2015


On Wed, Mar 4, 2015 at 4:10 AM, Giovanni Torres <giovtorres at hotmail.com>
wrote:

> How is it triggered? I see no way to enforce it by a configuration
> > flag. Is it negociated with the destination to test if it supports
> > signing/encrytion and then use it?
>
> You must have compiled collectd with libgcrypt support, otherwise signing
> or encryption will not work.  Have a look at the source code for the
> network plugin (
> https://github.com/collectd/collectd/blob/master/src/network.c).  You
> will see references to "#if HAVE_LIBGCRYPT".  Otherwise, the
> "SecurityLevel" options are ignored, as stated here:
> https://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_network
>
> When you compile collectd, look for the following line:
>     libgcrypt . . . . . . yes
>
> If not, install the libgcrypt-devel package (if on CentOS) and recompile.
>

Thank you. I realize my question was dumb because I only refered to -
https://collectd.org/wiki/index.php/Plugin:Network - where there's no
explanation on how to trigger/use the signing and/or encryption whereas in
your link (the manpage), everything is mentioned there. Sorry again, now I
know how to trigger what I need.

Indeed, my collectd network plugin is compiled with libgrypt as confirmed
by ldd so everything should be fine.


> > On the same matter, Riemann plugin should support SSL as Riemann itself
> > supports it too - http://riemann.io/api/riemann.transport.tcp.html -
> > via the ssl-handler
> >
>
> What's the question here?
>

This time however I think this is a legitimate question :-) Riemann
supports SSL but there's nothing mentioned in the plugin doc -
https://collectd.org/documentation/manpages/collectd.conf.5.shtml#plugin_write_riemann
- that would lead to believe we can use it. There's no SSL/TLS option. Is
this planned at some time?

This is very useful when Collectd and Riemann are not installed on the same
server.

-- 
Unix _IS_ user friendly, it's just selective about who its friends are.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.verplant.org/pipermail/collectd/attachments/20150306/44d1c68b/attachment.html>


More information about the collectd mailing list