Configuring Secure Forwarding
Configuring secure forwarding includes setting the mode for the particular syslog host and setting the TCP port through which the logs are sent to the syslog server.
Procedure
What to do next
After configuring secure forwarding on the switch, set the syslog server to be able to see the log messages on the interactive syslog viewer.
For TLS secure syslog, on the rsyslog server, configure the server to use TLS method and install the root certificate on the server in the switch.
Variable Definitions
The following table defines parameters for the syslog host command.
Variable |
Value |
---|---|
host <1–10> |
Specifies the ID for the syslog host. The range is 1–10. |
address WORD<0–46> |
Configures a host location for the syslog host. WORD <0–46> is the IPv4 or IPv6 address of the UNIX system syslog host in the format A.B.C.D or x:x:x:x:x:x:x:x. You can log system log messages to external system log hosts with both IPv4 and IPv6 addresses with no difference in functionality or configuration using CLI. |
enable |
Enables the syslog host. Use the no operator before this parameter, no syslog host enable to disable syslog host. The default is disabled. |
secure-forwarding |
Adds protected syslog using remote port forwarding for host. |
The following table defines parameters for the syslog host secure-forwarding command.
Variable |
Value |
---|---|
host <1–10> |
Creates and configures a host instance. Use the no operator before this parameter, no syslog host to delete a host instance. |
mode <none | tls [server-cert-name WORD<1-64>]> |
Specifies the mode of secure forwarding of syslog on the host. The default mode is none, that is, tls mode is disabled by default. Note:
Certificate validation is done only if the server-cert-name is configured. |
tcp-port <1025–49151> |
Set tcp-port for secure forwarding of syslog for host. The default tcp-port is 1025. To set the TCP port to default value, use command default syslog host <1–10> secure-forwarding tcp-port. Important:
The tcp-port 6000 cannot be used, as it is used as an internal port for Internal Spanning Tree (IST). |