Administrator Guide
logging secure
Creates a log le for various events related to X.509v3 certicates.
Syntax
logging {hostname} {secure | tcp | udp} [vrf vrf-name] [sha1 fingerprint] [port
port-number]
Parameters
hostname Enter the name of the host or device for which you wish to record logs corresponding to
the certicates.
NOTE: The hostname can be an IPV4 address, an IPV6 address, or a DNS
hostname—with or without DNS sux.
secure Enter the keyword secure to enable the Syslog feature to communicate with a
compatible Syslog server using the secure TLS protocol over the default port (6514). The
range is from 1024 to 65535.
tcp Enter the keyword tcp to enable TCP.
udp Enter the keyword udp to enable UDP.
vrf vrf-name Enter the keyword vrf followed by the name of the VRF.
sha1 ngerprint Enter the keyword sha1 followed by the nger print. This option is only available when
the secure option is congured. This new option enables the Syslog feature to compare
the received certicate’s sha-1 ngerprint against this congured sha-1 ngerprint. If
present, only the ngerprint is used for certicate revocation validation.
port port-number Enter the keyword port followed by the port number. The default port number is 6514
for secure logging.
Defaults None.
Command Modes CONFIGURATION
Command History
This guide is platform-specic. For command information about other platforms, see the relevant Dell Networking
OS Command Line Reference Guide.
The following is a list of the Dell Networking OS version history for this command:
Version Description
9.11.0.0 Introduced this command.
Usage Information The following RBAC roles are allowed to issue this command:
• sysadmin
• secadmin
Following are the pre-requisites to congure logging:
• The logging command must be congured to enable event logging.
• A certicate must be installed on the switch. This certicate is only used for secure logging.
• At least one CA certicate must be installed on the switch so that the logging server’s certicate can be
veried. If a SHA1 ngerprint is present, only the ngerprint is used for certicate revocation validation.
1716 X.509v3