syslog with TLS/SSL

Question

Hi,
&nbsp;is there any possibility to encrypt syslog messages to a remote syslog server?&nbsp;&nbsp;
&nbsp;Ciao Stefan :)&nbsp;

mike_kahler_488 · Answer

There is a section in the 10.x TMOS Management Guide for setting up encrypted logging: 
&nbsp;  
&nbsp; https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_logging.html?sr=155090781022653 
&nbsp;  
&nbsp; I have not tested this.  Hope this helps.

stefan_klotz · Answer

Hi Mike,
&nbsp;thank you for the link, although it doesn't seem to be that easy. But maybe I will give it a try anyway.
&nbsp;In the meanwhile I had the idea to point the remote syslog server to a virtual server, which then has a serverside SSL profile assigned and the real syslog server in its pool.
&nbsp;Can anybody confirm if this is theoretical possible?&nbsp;
&nbsp;Ciao Stefan :)&nbsp;

hoolio · Answer

Hi Stefan, 
&nbsp;  
&nbsp; The syslog based config might not be easy--but it might be worth the effort.   
&nbsp;  
&nbsp; Using a virtual server might be possible--but I think it could result in any messages generated before TMM starts being lost.  Also, you'd need your syslog server to support SSL.  I'm not sure most do. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

syslog with TLS/SSL

Recent Discussions

HTTP 413 error

iRule to Change Default Pool (not redirect to another pool)?

Throughput

Question about RSS for New and Updated Articles

Use of SSL Decryption.

Related Content

Load Balancing TCP TLS Encrypted Syslog Messages

TLS Fingerprinting to profile SSL/TLS clients without decryption

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

F5 Server SSL Profile using TLS 1.0 instead of TLS 1.2

SSL Profiles Part 11: TLS Optimization

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS