Configuring remote syslog server from CLI

Last Updated : Dec 10, 2021 |

About this task

From System Manager Release 8.1.3.3, you can configure the remote syslog server by using the configureSyslog command. You can configure one or more remote syslog servers at a time. For entering more than one remote syslog server, each of the remote syslog server entry must be pipe separated.

Before you begin

  • If the one-way TLS authentication (Server certificate authentication) is required, then add the CA certificate of the remote syslog into the System Manager trust store (select SYSLOG in Select Store Type to add trusted certificate).

    For information, see Adding trusted certificates.

  • If two-way TLS authentication (Mutual TLS authentication) is required then you must also add CA certificate, corresponding to the identity certificate used by System Manager syslog service, to the trusted store of the remote syslog server.

    For information, see Replacing an identity certificate.

    Note:

    For the two-way TLS authentication (Mutual TLS authentication):

    • When you fresh deploy System Manager Release 10.1 and later, add the rsyslog sever details in the /etc/hosts file before running the configureSyslog command.

    • When you upgrade System Manager to Release 10.1 and later from 8.1.x, ensure to add the rsyslog sever details in the /etc/hosts file of System Manager 8.1.x.

    Use the editHosts command to modify the /etc/hosts file on System Manager. For information, see editHosts.

Procedure

  1. Log in to the System Manager command line interface with administrator privilege CLI user credentials.
  2. Based on the authentication type, do one of the following:

    • To configure remote syslog server that is using the UDP protocol, type the following:

      configureSyslog -s @<hostname_or_ip:port>

      For example, to configure remote syslog server (IP Address 1.2.3.4 and Port 514) that is using the UDP protocol, type the following:

      configureSyslog -s @1.2.3.4:514

      For example, to configure two remote syslog servers that is using the UDP protocol, type the following:

      configureSyslog -s "@1.2.3.4:514|@5.6.7.8:514"

    • To configure remote syslog server that is using the TCP port, type the following:

      configureSyslog -s @@<hostname_or_ip:port>

      For example, to configure remote syslog server (IPv6 Address [2000:1::4] and Port 514) that is using the TCP protocol, type the following:

      configureSyslog -s @@[2000:1::4]:514

    • For one-way TLS authentication (Server certificate authentication), type the following:

      configureSyslog -s @@@<hostname_or_ip:port>

      For example, to configure remote syslog server (IP Address 1.2.3.4 and Port 6514) that is using the one-way TLS authentication, type the following:

      configureSyslog -s @@@1.2.3.4:6514

      Add the CA certificate to syslog_truststore.

    • For two-way TLS authentication (Mutual TLS authentication), type the following:

      configureSyslog -s @@@@<hostname_or_ip:port>

      For example, to configure remote syslog server (IP Address 1.2.3.4 and Port 6514) that is using the two-way TLS authentication, type the following:

      configureSyslog -s @@@@1.2.3.4:6514

      Add the CA certificate to syslog_truststore and certificate to syslog keystore.

Related information
editHosts
Replacing an identity certificate
Adding trusted certificates