Dell Command Line Reference Guide for the S4048–ON System 9.14.2.5

PDF

logging secure

Creates a log file for various events related to X.509v3 certificates.

Syntax
logging {hostname} {secure | tcp | udp} [vrf vrf-name] [sha1 fingerprint] [port port-number]
Parameters
hostname
Enter the name of the host or device for which you wish to record logs corresponding to the certificates.
NOTE: The hostname can be an IPV4 address, an IPV6 address, or a DNS hostname—with or without DNS suffix.
secure
Enter the keyword secure to enable the Syslog feature to communicate with a compatible Syslog server using the secure TLS protocol over the default port (6514). The range is from 1024 to 65535.
tcp
Enter the keyword tcp to enable TCP.
udp
Enter the keyword udp to enable UDP.
vrf vrf-name
Enter the keyword vrf followed by the name of the VRF.
sha1 fingerprint
Enter the keyword sha1 followed by the finger print. This option is only available when the secure option is configured. This new option enables the Syslog feature to compare the received certificate’s sha-1 fingerprint against this configured sha-1 fingerprint. If present, only the fingerprint is used for certificate revocation validation.
port port-number
Enter the keyword port followed by the port number. The default port number is 6514 for secure logging.
Defaults
None.
Command Modes
CONFIGURATION
Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC Networking OS Command Line Reference Guide.

The following is a list of the Dell EMC Networking OS version history for this command:

Version
Description
9.11.0.0
Introduced this command.
Usage Information
The following RBAC roles are allowed to issue this command:
  • sysadmin
  • secadmin

Following are the pre-requisites to configure logging:

  • The logging command must be configured to enable event logging.
  • A certificate must be installed on the switch. This certificate is only used for secure logging.
  • At least one CA certificate must be installed on the switch so that the logging server’s certificate can be verified. If a SHA1 fingerprint is present, only the fingerprint is used for certificate revocation validation.
Related Commands

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\