Configuring Mutual Authentication for SYSLOG

Install or import the certificates for the SYSLOG client.

At least one SYSLOG server must be configured on the device using the logging syslog-server host command.

To configure Mutual Authentication, do the following:

  1. Import the SYSLOG client certificate. Use the following command.
    crypto ca import-pkcs type pkcs12 cert-type syslog-client protocol FTP directory /mydir-name
        file /myfile-name source-ip 10.11.12.13 user user-name password password
  2. Import the SYSLOG server CA certificates.
    crypto import syslogca directory /mydir-name file /myfile-name host 10.11.12.13 user user-name password password
  3. Configure the SYSLOG server in global configuration mode. The following commands configure a SYSLOG server at IP address 10.11.12.13 with secure port 9449, which is a user-configured port.
    SLX (config)# logging syslog-server host 10.11.12.13 use-vrf mgmt-vrf
    SLX (config)# secure port 9449  

The following example shows the complete configuration of SYSLOG server for Mutual Authentication.

logging raslog console INFO
logging syslog-server 10.11.12.13 use-vrf mgmt-vrf
 secure port 9449
!
logging auditlog class SECURITY
logging auditlog class CONFIGURATION
logging auditlog class FIRMWARE
logging syslog-facility local LOG_LOCAL7
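
The following Python check is an added example, not part of the original page or of the vendor's software. It reads a saved running-config in the layout shown above and lists SYSLOG servers that have no secure port line. It assumes that a server stanza without that line sends logs without TLS; the second server in the sample (192.0.2.20) is constructed for illustration.

```python
import re

# Constructed sample in the layout of the configuration example above.
# The second server (192.0.2.20) is hypothetical and has no "secure port" line.
SAMPLE_CONFIG = """\
logging raslog console INFO
logging syslog-server 10.11.12.13 use-vrf mgmt-vrf
 secure port 9449
!
logging syslog-server 192.0.2.20 use-vrf mgmt-vrf
!
logging auditlog class SECURITY
"""

# Accepts both spellings that appear on the page (with and without "host").
SERVER_RE = re.compile(r"^logging syslog-server (?:host )?(\S+)(?: use-vrf (\S+))?\s*$")
SECURE_RE = re.compile(r"^\s+secure port (\d+)\s*$")


def parse_syslog_servers(config_text):
    """Return one dict per syslog-server stanza: host, vrf, secure_port."""
    servers, current = [], None
    for line in config_text.splitlines():
        m = SERVER_RE.match(line)
        if m:
            current = {"host": m.group(1), "vrf": m.group(2), "secure_port": None}
            servers.append(current)
            continue
        m = SECURE_RE.match(line)
        if m and current is not None:
            current["secure_port"] = int(m.group(1))
            continue
        if not line.startswith(" "):
            current = None  # "!" or any other top-level line closes the stanza
    return servers


def servers_without_tls(config_text):
    """Hosts whose stanza has no "secure port" line (assumed to log without TLS)."""
    return [s["host"] for s in parse_syslog_servers(config_text)
            if s["secure_port"] is None]


if __name__ == "__main__":
    for s in parse_syslog_servers(SAMPLE_CONFIG):
        state = f"secure port {s['secure_port']}" if s["secure_port"] else "NO secure port"
        print(f"{s['host']} (vrf {s['vrf']}): {state}")
```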