Secure Communication Channels

LogLogic® LMI is a self-contained appliance and is available as physical hardware or as a virtual appliance. Access is limited to a few areas. Most communication with LogLogic LMI is limited to data center services.

Data Ingest and Ingress

Ingest and ingress of data into the LogLogic LMI application is limited to the following modes:

  • Web GUI
  • REST API
  • Web Services API
  • SSH
  • Collectors
  • (For hardware appliances only) Integrated Dell Remote Access Controller (iDRAC): The physical hardware of the LogLogic LMI appliance provides easy and secure hardware-based administrative access through iDRAC. iDRAC is secured over HTTPS and enables you to perform administrative tasks easily from a browser. Through iDRAC, you can perform all hardware operations and locally access the LogLogic LMI operating system. For more information, see Dell iDRAC.

Data Egress

Data can be sent out from LogLogic LMI in the following ways:

  • Forwarder: LLTCP (used to send data to other LogLogic LMI appliances), Syslog TCP/UDP
  • Alerts: SMTP, SNMP traps

Communication Channels and Their Security Configurations

By default, some communication channels are not secure, but they can be secured by configuring the channels to use the Secure Sockets Layer (SSL) or Transfer Layer Security (TLS) protocol. For information about how to configure a component for secure communication, see the TIBCO LogLogic® Log Management Intelligence Administration.

For configuration information about specific collectors, see the following documentation, which is available on the TIBCO eDelivery website or TIBCO Support website after logging in:

  • TIBCO LogLogic® Log Source Packages Log Configuration Guides
  • TIBCO LogLogic® Log Source Packages Log Collector Guides

The following diagram illustrates the components and communication protocols in a typical LogLogic LMI setup.

The following table describes the communication channels that can be configured, along with the references to more information, if applicable.

Key Communication Channels Connection Description and References
1 Web GUI HTTPS User Interface
2 API
  • Web Services API
  • RESTful
HTTPS OpenAPI
3 CLI SSH Administration console
4 LDAP authentication LDAP/S User authentication
5 Forwarders
  • Syslog
  • LLTCP
  • Syslog: UDP or TCP
  • LLTCP: TCP-TLS
Data forwarding
6 Alerting
  • SNMP
  • SMTP
  • SNMP: UDP or TCP
  • SMTP: TCP
Alerting

TCP offers TLS/SSL support. For more information, see the TIBCO LogLogic® Log Management Intelligence Administration.

7 Data collection
  • JDBC
  • File
  • API
  • LogLogic proprietary
  • Syslog
  • Others
  • JDBC:
    • (! ¥) MySQL
    • (! ¥) Microsoft SQL
    • (! ¥) Oracle
    • Sybase
  • File
    • SCP, SFTP
    • FTP, FTPS
    • HTTP, HTTPS
    • CIFS
  • API
    • (! ¥) VMware vCenter
    • (! ¥) Cisco SourceFire Defense Center
    • TIBCO Enterprise Message Service™
    • (! ¥) Apache Kafka
    • Check Point
    • HDFS, Amazon S3
  • TIBCO LogLogic proprietory: (!) ULDP, (!) LLTCP
  • Syslog: UDP, TCP
  • Others: NetFlow, (!) SNMP
Log and event collection

(!) Offers TLS/SSL support

(¥) For more information, see the TIBCO LogLogic® Log Source Packages Log Configuration Guides for that log source, which is available on the TIBCO eDelivery website or TIBCO Support website after logging in.

8 Dell iDRAC HTTPS Administrative access through iDRAC is available only on hardware appliance models.