Basic auth does not work

[bhavsi]

I have setup basic auth in my fluentd configurations with authentication basic, along with username and password, and setup a user on Log Insight instance. I have setup the fluentd configuration with a wrong password. I am still able to push logs with the wrong credentials, and I am able to push logs even without setting up authentication basic. I am using port 9543 and scheme https.

[toddc-vmware]

While the fluentd plugin has options for basic auth, like you are seeing Log Insight does authenticate logs that are sent. The basic auth option in the plugin is useful when Log Insight is behind a proxy that provides basic auth, for instance nginx with the auth_request module. For more support with Log Insight you can start a discussion on https://communities.vmware.com/community/vmtn/vrealize/log-insight/overview

[bhavsi]

You mean, Log Insight does not authenticate logs that are sent?

[toddc-vmware]

See the entry under "Ingesting Events" on https://www.vmware.com/go/loginsight/api

"Ingest and index new log events via POST /api/v1/events/ingest/{UUID}. This is a non-authenticated interface designed for use by collection agents"

This is the same as for syslog. If you require authentication for log collection you'll need to put a authenticating proxy in front of Log Insight.