Configuring syslog on Address Manager - BlueCat Integrity - 26.1.0

Address Manager Administration Guide


BAM allows you to set syslog (system log) redirection from the BAM user interface by adding an IP address for one or more syslog redirection servers.

When configuring syslog service, the content of the redirected syslog file might be more verbose than the content of the syslog file written locally on Address Manager. Address Manager filters the content that is written to the local syslog file.

To configure syslog service on the BAM server:

  1. Select the Settings tab in the sidebar, then select Service configuration.
  2. Under Monitoring and analytics, locate the Syslog service panel and select Edit service.
  3. Select the ISO 8601 timestamps enabled checkbox to use the ISO 8601 timestamp format for locally logged messages. The format is as follows: YYYY-MM-DDTHH:mm:ss+-ZONE. For example, 2022-10-13T15:58:00+01:00. If you leave this checkbox unchecked, locally logged messages use the legacy BSD timestamp.
  4. Under Syslog redirection servers, set the following parameters:
    • Address—enter the IP address for a syslog server.
    • Port—enter the port used to connect to the syslog server.
    • Under Service types, select the services for which syslog messages are generated. You can select API v1 diagnostics, API v2 diagnostics, or All other services.
    • Severity level—select the logging level that is sent to the syslog server. The logging level can be one of the following:
      • Informational—informational messages of system events.
      • Notice—indicates normal but significant conditions within the system.
      • Warning—indicates warning conditions within the system.
      • Error—indicates error conditions within the system.
      • Critical—indicates critical conditions within the system.
      • Alert—indicates that action must be taken immediately.
      • Emergency—indicates that the system is unusable.
    • Transport protocol—select the transport protocol used to connect to the syslog server. You can select TCP, UDP, or TLS.
      If you select TLS, the following additional fields appear:
      • Peer verify—select the verification method of the remote peer. You can select one of the following:
        • required-trusted—the connection is TLS-encrypted if the remote peer has a valid certificate.
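        • required-untrusted—the connection is TLS-encrypted if the remote peer has an invalid certificate or valid certificate. Because an invalid certificate is accepted, the traffic is encrypted but the syslog server's identity is not verified.
        • optional-trusted—the connection is TLS-encrypted if the remote peer has no certificate or a valid certificate.
        • optional-untrusted—the connection is TLS-encrypted if the remote peer has no certificate, an invalid certificate, or a valid certificate. As with required-untrusted, the syslog server's identity is not verified.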
          Note: If you set the Peer verify method to optional-untrusted, the CA certificate is optional.
      • CA certificate upload—upload a valid CA certificate used to verify the server certificate during the TLS handshake. The CA certificate must be in .pem, .cer, .cert, or .crt format.
      • Client certificate—(Optional) upload a valid client certificate to use for authentication. The client certificate must be in .pem, .cer, .cert, or .crt format.
      • Client private key—(Optional) upload a valid client private key to use for authentication. The client private key must be in .pem or .key format and must not be password-protected.
        Attention: If you upload a Client certificate, you must also upload a Client private key.
      Note: If you select TLS as the transport protocol, the Syslog protocol field is automatically set to RFC 5424 and the ISO 8601 timestamps enabled checkbox is automatically enabled.
    • Syslog protocol—use the drop-down menu to select either the RFC5424 syslog protocol (https://datatracker.ietf.org/doc/rfc5424/) or the legacy BSD RFC3164 syslog protocol (https://datatracker.ietf.org/doc/rfc3164/) for syslog messages.
    • ISO 8601 timestamps enabled—select this checkbox to use the ISO 8601 timestamp format for syslog messages redirected to a remote syslog server. The format is as follows: YYYY-MM-DDTHH:mm:ss+-ZONE. For example, 2022-10-13T15:58:00+01:00.
      Note:
      • If you set the Syslog protocol to RFC5424, this option is automatically enabled.
      • If you leave this checkbox unchecked, syslog messages use the legacy BSD timestamp.
  5. (Optional) To add additional syslog servers, select the Add server (+) button.
  6. Select Save.
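
After saving, you can confirm on the receiving syslog server that redirected messages arrive with the Syslog protocol, timestamp format, and Severity level you selected. The following is an added example, not BlueCat code. It assumes raw lines captured with their `<PRI>` header intact, that legacy BSD framing with ISO 8601 enabled simply replaces the BSD timestamp, and that the Severity level acts as a minimum; the sample lines are constructed.

```python
import re
from datetime import datetime

# Severity names from the list above, mapped to their RFC 5424 numeric codes.
SEVERITY = {"Emergency": 0, "Alert": 1, "Critical": 2, "Error": 3,
            "Warning": 4, "Notice": 5, "Informational": 6}
PRI = re.compile(r"<(\d{1,3})>(1 )?")   # "<PRI>" plus the RFC 5424 version field
BSD_TS = re.compile(r"[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2} ")

def classify(line):
    """Return (protocol, timestamp_style, severity), or None without a valid PRI."""
    m = PRI.match(line)
    if not m or int(m.group(1)) > 191:  # PRI = facility * 8 + severity, max 23*8+7
        return None
    rest = line[m.end():]
    if BSD_TS.match(rest):
        style = "BSD"
    else:
        try:
            datetime.fromisoformat(rest.split(" ", 1)[0])
            style = "ISO8601"
        except ValueError:
            style = "unknown"
    return ("RFC5424" if m.group(2) else "RFC3164"), style, int(m.group(1)) % 8

def audit(lines, protocol, iso8601, level):
    """List (line_number, problem) for lines that do not match the saved settings."""
    want = "ISO8601" if iso8601 or protocol == "RFC5424" else "BSD"
    findings = []
    for n, line in enumerate(lines, 1):
        parsed = classify(line)
        if parsed is None:
            findings.append((n, "no valid PRI header"))
            continue
        proto, style, sev = parsed
        if proto != protocol:
            findings.append((n, "framing is " + proto))
        if style != want:
            findings.append((n, "timestamp is " + style))
        if sev > SEVERITY[level]:       # assumption: level is a minimum severity
            findings.append((n, "less severe than " + level))
    return findings

SAMPLE = [  # constructed lines; host and application names are made up
    "<133>1 2022-10-13T15:58:00+01:00 bam1 app 1234 - - session opened",
    "<131>Oct 13 15:58:01 bam1 app[1234]: legacy line",
    "<134>1 2022-10-13T15:58:02+01:00 bam1 app 1234 - - heartbeat",
    "not syslog at all",
]
```

Calling `audit(SAMPLE, "RFC5424", True, "Notice")` flags the second line for both framing and timestamp, the third for severity, and the fourth for a missing header.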