Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

1799

Parameters

hostname Enter the name of the host or device for which you wish to record logs

corresponding to the certificates.

NOTE: The hostname can be an IPV4 address, an IPV6 address, or a DNS

hostname—with or without DNS suffix.

secure Enter the keyword secure to enable the Syslog feature to communicate with a

compatible Syslog server using the secure TLS protocol over the default port

(6514). The range is from 1024 to 65535.

tcp Enter the keyword tcp to enable TCP.

udp Enter the keyword udp to enable UDP.

vrf

vrf-name

Enter the keyword vrf followed by the name of the VRF.

sha1

fingerprint

Enter the keyword sha1 followed by the finger print. This option is only available

when the secure option is configured. This new option enables the Syslog feature

to compare the received certificate’s sha-1 fingerprint against this configured sha-1

fingerprint. If present, only the fingerprint is used for certificate revocation

validation.

port

port-number

Enter the keyword port followed by the port number. The default port number is

6514 for secure logging.

Defaults None.

Command Modes CONFIGURATION

Command

History

This guide is platform-specific. For command information about other platforms, see the relevant Dell

Networking OS Command Line Reference Guide.

The following is a list of the Dell Networking OS version history for this command:

Version Description

9.11.0.0 Introduced this command.

Usage

Information

The following RBAC roles are allowed to issue this command:

● sysadmin

● secadmin

Following are the pre-requisites to configure logging:

● The logging command must be configured to enable event logging.

● A certificate must be installed on the switch. This certificate is only used for secure logging.

● At least one CA certificate must be installed on the switch so that the logging server’s certificate can

be verified. If a SHA1 fingerprint is present, only the fingerprint is used for certificate revocation

validation.

Commands

● crypto cert install

● crypto ca-cert install

● crypto cert generate

crypto x509 ca-keyid

Creates a per-certificate configuration context using the specified subject key identifier.

Syntax

crypto x509 ca-keyid subject-key-identifier

Use to the no crypto x509 ca-keyid command to remove this configuration.

Parameters

subject-key-

identifier

Enter the content of the SubjectKeyIdentifier field from the CA certificate.

X.509v3 1805