Securing Syslog Transport Layer Security Sessions

By default, the following ciphers are enabled for Syslog Transport Layer Security (TLS) sessions:

aes128-sha, aes128-sha256; aes256-sha256; dhe-rsa-aes128-sha256; dhe-rsa-aes256-sha256

You can selectively enable and disable ciphers using the following command:

configure syslog tls cipher [[cipher | all] on | cipher off]

To see which ciphers are enabled or disabled for Syslog TLS sessions, use the following command:

show log configuration