Configuring a Syslog Server

Updated

You can configure a syslog server that can receive the system alerts, the audit trail, and the events.

Before You Begin

  • In a CommCell environment, to connect to a syslog server, you can use either UDP (User Datagram Protocol) or TLS (Transport Layer Security) encryption. Commcell environment supports TLS 1.2.

  • To enable secure messaging between the Commserve and the syslog server, obtain the certificate authority file that is used to sign Syslog Server certificate. The certificate authority file should be in .pem format only. Also, perform required configurations in the syslog server to accept encrypted messages from the Commserve.

  • Verify that the CommServe server can connect to the host or the IP address and port number of the syslog server that you plan to configure.

  • You must use one of the following syslog servers:

    • Rsyslog

    • nsyslog

    • ArcSight Syslog Server

    • Kiwi Syslog Server

    • syslog-ng

Procedure

  1. From the navigation pane, go to Manage > System.

    The System page appears.

  2. Click the Syslog server tile.

    The Syslog server page appears.

  3. In the Hostname box, type hostname or IP address of the syslog server.

  4. In the Port box, type the server port.

  5. To enable secure messaging between the Commserve and the syslog server, move the Enable secure messaging toggle key to the right.

  6. If you enabled secure messaging, then upload the certification authority file in Certificate Authority.

  7. To enable the syslog server, move the Enable toggle key to the right.

  8. For Forward to Syslog, select the log types that you want to forward to the syslog server.

  9. Click Submit.