Best practice: Implementing TLS-secured usage of syslog data You can implement use of the TLS protocol that is provided by an rsyslog package for TLS-secured sending of messages with syslog data. The rsyslog-gnutls package and several related packages are installed by default on the Web Gateway appliance system. The rsyslog-gnutls package provides the TLS protocol, which allows you implement TLS encryption for secure sending of log messages from a syslog client to a remote syslog (rsyslog) server. TLS-secured sending of syslog messages requires the use of SSL certificates for the server and its clients, as well as for a root certificate authority (root CA) that signs these certificates. The packages that are involved in implementing TLS encryption include: rsyslog-gnutls-5.8.10 rsyslog-5.8.10 gnutls-2.8.5 For more information about these packages, see the documentation of the vendor who provides them (RSYSLOG). High-level steps for implementing TLS-secured usage of syslog data To implement TLS-secured usage of syslog data with the rsyslog-gnutls package, complete the following high-level steps. Prepare the use of TLS-secured syslog data Make sure that system time and date is the same on all appliances that you want to prepare the use of TLS-secured syslog data on and create certificates for the TLS encryption. Configure a syslog server to receive TLS-secured data Work with a rsyslog system file on a Web Gateway appliance to configure a syslog server that receives TLS-secured data. Configure a syslog client to send TLS-secured data Work with a rsyslog system file on a Web Gateway appliance to configure a syslog client that sends TLS-secured data. Parent topic: Monitoring
Best practice: Implementing TLS-secured usage of syslog data You can implement use of the TLS protocol that is provided by an rsyslog package for TLS-secured sending of messages with syslog data. The rsyslog-gnutls package and several related packages are installed by default on the Web Gateway appliance system. The rsyslog-gnutls package provides the TLS protocol, which allows you implement TLS encryption for secure sending of log messages from a syslog client to a remote syslog (rsyslog) server. TLS-secured sending of syslog messages requires the use of SSL certificates for the server and its clients, as well as for a root certificate authority (root CA) that signs these certificates. The packages that are involved in implementing TLS encryption include: rsyslog-gnutls-5.8.10 rsyslog-5.8.10 gnutls-2.8.5 For more information about these packages, see the documentation of the vendor who provides them (RSYSLOG). High-level steps for implementing TLS-secured usage of syslog data To implement TLS-secured usage of syslog data with the rsyslog-gnutls package, complete the following high-level steps. Prepare the use of TLS-secured syslog data Make sure that system time and date is the same on all appliances that you want to prepare the use of TLS-secured syslog data on and create certificates for the TLS encryption. Configure a syslog server to receive TLS-secured data Work with a rsyslog system file on a Web Gateway appliance to configure a syslog server that receives TLS-secured data. Configure a syslog client to send TLS-secured data Work with a rsyslog system file on a Web Gateway appliance to configure a syslog client that sends TLS-secured data. Parent topic: Monitoring