Configuring Rsyslog Profile

In this section:

Overview

The SBC provides an option to provision Rsyslog Profile. This profile uses local and remote certificates imported to the SBC and generates the three certificate files required for the rsyslog.conf file to support communication for Rsyslog.

Configuration Example

To create a new RsyslogTls Profile, assign the local and remote Certificates to the profile and generate the three Certificate files required for Rsyslog:

set profiles security RsyslogTlsProfile rSyslogprofile clientCertName localCert serverCaCertName remoteCert

The Rsyslog supports TLS over TCP using the protocol types tls-tcp.

The Rsyslog Event Logs and the Linux Audit Logs support these new protocol types. The rsyslog.conf file supports TLS using the three TLS Certificate files created. The appropriate ACL rule is created to allow the SBC to communicate through the Application layer to the remote server on the IP Address, port and TLS protocol type.

set oam eventLog typeAdmin <log_type> syslogRemoteHost <ip_address> syslogRemotePort <port_no> syslogRemoteProtocol <tls-tcp> syslogState enabled state enabled
set oam eventLog platformAuditLogs auditLogRemoteHost <ip_address> auditLogPort <port_no> auditLogProtocolType <tls-tcp> state enabled

For the PSX-related changes, refer to PSX Log Servers

####################################EVENT LOGS CONFIGURATION on 3 REMOTE SYSLOG SERVERS ############
set oam eventLog typeAdmin system servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin debug servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin trace servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin acct servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin security servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin audit servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp


set oam eventLog typeAdmin system servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin debug servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin trace servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin acct servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin security servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin audit servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp


set oam eventLog typeAdmin system servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin debug servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin trace servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin acct servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin security servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin audit servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp

set oam eventLog typeAdmin system syslogState enabled
set oam eventLog typeAdmin debug syslogState enabled
set oam eventLog typeAdmin trace syslogState enabled
set oam eventLog typeAdmin acct syslogState enabled
set oam eventLog typeAdmin securitys syslogState enabled
set oam eventLog typeAdmin audit syslogState enabled

################# LINUX LOGS CONFIGURATION on 3 REMOTE SYSLOG SERVERS ######################

set oam eventLog platformRsyslog servers server1 remoteHost fd00:10:6b50:44e0::30 port 515 protocolType tcp 
set oam eventLog platformRsyslog servers server2 remoteHost 10.54.49.58 port 516 protocolType relp 
set oam eventLog platformRsyslog servers server3 remoteHost fd00:10:6b50:4300::13b port 517 protocolType  tls-tcp 
set oam eventLog platformRsyslog linuxLogs authLog enabled consoleLog enabled cronLog enabled daemonLog enabled fipsLog enabled kernLog enabled ntpLog enabled platformAuditLog enabled sftpLog enabled syslogLog enabled userLog enabled
set oam eventLog platformRsyslog syslogState enabled

Space shortcuts

Page tree

Overview

Configuration Example