The SBC provides an option to provision a new parameter Rsyslog Profile. This profile uses local and remote certificates imported to the SBC and generates the three certificate files required for the rsyslog.conf file to support communication for Rsyslog.

Command Syntax

To create a new RsyslogTls Profile, assign the local and remote Certificates to the profile and generate the three Certificate files required for Rsyslog:

 
set profiles security RsyslogProfile <profile_name> clientCertName localCert serverCaCertName remoteCert

Command Parameters

AoR Record Profile Parameters

ParameterLength/RangeDescriptionM/O
RsyslogTlsProfileNAThe name of the RsyslogTls profile.M

Command Example

set profiles security RsyslogTlsProfile rlog
Possible completions:
  clientCertName   - The name of client Certificate referred by this Rsyslog-TLS profile.
  serverCaCertName - The name of server CA Certificate referred by this Rsyslog-TLS profile

To view the RsyslogTlsProfile, execute the command:

show profiles security RsyslogTlsProfile
RsyslogTlsProfile rSyslogprofile {
    clientCertName   localCert;
    serverCaCertName remoteCACert;
}
[ok]

Rsyslog Profile Certificates

The show command displays a new Rsyslog profile, along with local and remote certificates assigned to the Rsyslog  profile.

show system security pki
certificate localCert {
    state    enabled;
    fileName localCert.pem;
    type     local-internal;
}
certificate remoteCACert {
    state    enabled;
    fileName rootCA.der;
    type     remote;
}
certificate defaultSBCCert {
    state      enabled;
    fileName   sonuscert.p12;
    passPhrase $7$DibBrv9m1udynmteAN7fg48KXCD0O8/v;
    type       local;
}
certificate defaultDtlsSBCCert {
    state      enabled;
    fileName   defaultDtlsCert.p12;
    passPhrase $7$dbJlv+/Ds4mYQqJvIiOv/gl5ZdVCSOfV;
    type       local;
}
[ok]