Overview

The product provides an option to provision an Rsyslog profile. This profile uses the local and remote certificates imported to the product and generates the three certificate files that the rsyslog.conf file requires to support Rsyslog communication.

Configuration Example

To create a new RsyslogTls Profile, assign the local and remote Certificates to the profile and generate the three Certificate files required for Rsyslog:

Code Block
set profiles security RsyslogTlsProfile rSyslogprofile clientCertName localCert serverCaCertName remoteCert

Rsyslog supports TLS over TCP using the protocol type tls-tcp.

The Rsyslog Event Logs and the Linux Audit Logs support these new protocol types. The rsyslog.conf file supports TLS using the three TLS certificate files created. The appropriate ACL rule is created to allow the SBC to communicate through the application layer with the remote server on the configured IP address, port, and TLS protocol type.

Code Block
set oam eventLog typeAdmin <log_type> syslogRemoteHost <ip_address> syslogRemotePort <port_no> syslogRemoteProtocol <tls-tcp> syslogState enabled state enabled
set oam eventLog platformAuditLogs auditLogRemoteHost <ip_address> auditLogPort <port_no> auditLogProtocolType <tls-tcp> state enabled 

For the PSX-related changes, refer to PSX Log Servers.

Code Block
####################################EVENT LOGS CONFIGURATION on 3 REMOTE SYSLOG SERVERS ############
set oam eventLog typeAdmin system servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin debug servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin trace servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin acct servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin security servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin audit servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp


set oam eventLog typeAdmin system servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin debug servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin trace servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin acct servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin security servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin audit servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp


set oam eventLog typeAdmin system servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin debug servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin trace servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin acct servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin security servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin audit servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp

set oam eventLog typeAdmin system syslogState enabled
set oam eventLog typeAdmin debug syslogState enabled
set oam eventLog typeAdmin trace syslogState enabled
set oam eventLog typeAdmin acct syslogState enabled
set oam eventLog typeAdmin security syslogState enabled
set oam eventLog typeAdmin audit syslogState enabled

################# LINUX LOGS CONFIGURATION on 3 REMOTE SYSLOG SERVERS ######################

set oam eventLog platformRsyslog servers server1 remoteHost fd00:10:6b50:44e0::30 port 515 protocolType tcp 
set oam eventLog platformRsyslog servers server2 remoteHost 10.54.49.58 port 516 protocolType relp 
set oam eventLog platformRsyslog servers server3 remoteHost fd00:10:6b50:4300::13b port 517 protocolType tls-tcp
set oam eventLog platformRsyslog linuxLogs authLog enabled consoleLog enabled cronLog enabled daemonLog enabled fipsLog enabled kernLog enabled ntpLog enabled platformAuditLog enabled sftpLog enabled syslogLog enabled userLog enabled
set oam eventLog platformRsyslog syslogState enabled
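
The example above sends every log type to three servers, only one of which uses tls-tcp. The following added example (not part of the original page or the product) parses such commands and reports which destinations and log sources lack a TLS transport. The function names are hypothetical, the sample is constructed from the commands above with the debug log reduced to one tcp destination, and it assumes that only tls-tcp is TLS-protected.

```python
from collections import defaultdict

# Constructed sample, based on the commands in the configuration example.
SAMPLE = """\
set oam eventLog typeAdmin security servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog typeAdmin security servers server2 syslogRemoteHost 10.54.49.58 syslogRemotePort 516 syslogRemoteProtocol relp
set oam eventLog typeAdmin security servers server3 syslogRemoteHost fd00:10:6b50:4300::13b syslogRemotePort 517 syslogRemoteProtocol tls-tcp
set oam eventLog typeAdmin debug servers server1 syslogRemoteHost fd00:10:6b50:44e0::30 syslogRemotePort 515 syslogRemoteProtocol tcp
set oam eventLog platformRsyslog servers server1 remoteHost fd00:10:6b50:44e0::30 port 515 protocolType tcp
set oam eventLog platformRsyslog servers server3 remoteHost fd00:10:6b50:4300::13b port 517 protocolType  tls-tcp
set oam eventLog typeAdmin security syslogState enabled
"""

def parse_destinations(text):
    """Return one dict per 'servers <name>' command: source, server, host, port, protocol."""
    out = []
    for line in text.splitlines():
        tok = line.split()  # split() also absorbs repeated spaces
        if tok[:3] != ["set", "oam", "eventLog"] or "servers" not in tok:
            continue  # comments, blank lines, state-only commands
        # Event logs are keyed by log type; Linux logs by 'platformRsyslog'.
        source = tok[4] if tok[3] == "typeAdmin" else tok[3]
        i = tok.index("servers")
        server, rest = tok[i + 1], tok[i + 2:]
        kv = dict(zip(rest[0::2], rest[1::2]))  # keyword/value pairs
        out.append({
            "source": source,
            "server": server,
            "host": kv.get("syslogRemoteHost") or kv.get("remoteHost"),
            "port": int(kv.get("syslogRemotePort") or kv.get("port") or 0),
            "protocol": kv.get("syslogRemoteProtocol") or kv.get("protocolType"),
        })
    return out

def cleartext_destinations(dests, protected=("tls-tcp",)):
    """Destinations whose transport is not in the TLS-protected set (assumption)."""
    return [d for d in dests if d["protocol"] not in protected]

def sources_without_tls(dests, protected=("tls-tcp",)):
    """Log sources that have no TLS-protected destination at all."""
    by_source = defaultdict(set)
    for d in dests:
        by_source[d["source"]].add(d["protocol"])
    return sorted(s for s, p in by_source.items() if not p & set(protected))

if __name__ == "__main__":
    dests = parse_destinations(SAMPLE)
    for d in cleartext_destinations(dests):
        print(f"{d['source']:16} {d['server']} {d['host']}:{d['port']} {d['protocol']}")
    print("no TLS destination:", sources_without_tls(dests))
```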
