These are the steps Cortex Data Lake takes to ensure
that a log receiver has a valid certificate.
Cortex Data Lake secures your log data
by ensuring that the server you specify to receive your logs is
trusted and legitimate.
When you configure syslog or HTTPS forwarding, Cortex Data Lake
ensures that your log data arrives safely to its intended destination
by verifying the certificate on the receiving server. For maximum
security, Cortex Data Lake performs multiple validity checks:
Cortex Data Lake checks...
to verify that...
Third-Party CA Signature
The server’s full certificate chain is present
and signed by a trusted certificate authority (CA).
None of the certificates in the chain have expired.
Host Name Match
The value entered for the Syslog Server name matches
the Subject Alternative Name (SAN) of the server certificate.
None of the certificates in the chain have
been revoked by its issuing CA.