Create a Remote Syslog Server
A remote syslog server can communicate when KMAs that reside at a different physical site.
Available to: Security Officer
- In the left navigation menu, expand System Management, expand Local Configuration, and then select Remote Syslog.
- Click Create...
- Enter the following information:
- Destination ID of a remote syslog server. This value uniquely identifies the remote syslog server.
- Network address (IP address, or if DNS is configured, host name) of the remote syslog server.
- Select which network protocol (TCP Unencrypted or TLS) to use for
communication with the remote syslog server. If you select TLS (either with
server authentication or server and client authentication), do the
following:
- Enter the location of the Certificate Authority (CA) certificate file.
- If you plan to use mutual authentication (using both
server and client authentication) enter locations for the client
(KMA) certificate file and client private key file. You can enter a
password if the client private key is password protected.
Note:
Certificate and private key files must be in PEM format.
- Optionally, enter a port number on which the remote syslog service on the remote syslog server is listening. Port 514 is used by default for TCP Unencrypted, and port 6514 is used by default for TLS.
- Use the check box to select whether the remote syslog server is enabled.
- Click Save.