Users Guide

● Disable console logging, and reset the minimum logging severity to the default in CONFIGURATION mode.

no logging console severity

● Disable log-file logging, and reset the minimum logging severity to the default in CONFIGURATION mode.

no logging enable

Enable server logging for log notice

OS10(config)# logging server 10.11.86.139 severity log-notice

To provide enhanced security and privacy in the logged system messages sent to a syslog server, you can use the Transport

Layer Security (TLS) protocol. System logging over TLS encrypts communication between an OS10 switch and a configured

remote logging sever, including:

● Performing mutual authentication of a client and server using public key infrastructure (PKI) certificates

● Encrypting the entire authentication exchange so that neither user ID nor password is vulnerable to discovery, and that the

data is not modified during transport

Configure system logging over TLS

1. Copy an X.509v3 certificate created by a CA server using a secure method, such as SCP or HTTPS, as described in Manage

CA certificates. Then install the trusted CA certificate in EXEC mode.

crypto ca-cert install ca-cert-filepath [filename]

● ca-cert-filepath specifies the local path to the downloaded certificate; for example, home://CAcert.pem or

usb://CA-cert.pem.

● filename specifies an optional filename that the certificate is stored under in the OS10 trust-store directory. Enter the

filename in the filename.crt format.

2. Obtain an X.509v3 host certificate from the CA server as described in Request and install host certificates:

a. Create a private key and generate a certificate signing request for the switch.

Troubleshoot Dell EMC SmartFabric OS10