The Syslog server logs the events that occur on the Unified Access Gateway (UAG) appliance.

Configure the Syslog server settings by providing details such as Syslog server URL, Syslog type, Syslog Client Certificate, and so on. You can configure multiple syslog servers with different protocols.

Procedure

  1. In the admin UI Configure Manually section, click Select.
  2. Under Advanced Settings, click the gearbox icon next to Syslog Server Settings.
  3. In the Syslog Server Settings window, enter the following details.
    Option Description
    Syslog Type

    Select the Syslog type from the drop-down menu.

    The options are:
    • None: This is the default value.
    • UDP: Syslog messages are sent over the network in plain text over UDP. This is the default option.

    • TLS: TLS encryption is added between two syslog servers to keep the messages secured.

    • TCP: Syslog messages are streamed over TCP.

    Note: This setting is applicable for Unified Access Gateway 3.7 and later. TCP option is applicable for Unified Access Gateway 2009 and later.
    Syslog URL When the Syslog Type is set to UDP or TCP, it is mandatory to add the Syslog URL. If the Syslog type is set to TLS, it is mandatory to add the Syslog server hostname.

    Enter the Syslog server URL that is used for logging Unified Access Gateway events. This value can be a URL or a host name or IP address.

    By default Content Gateway and Secure Email Gateway edge services events are logged. To log events on syslog server for Tunnel Gateway edge service configured on Unified Access Gateway, an administrator has to configure the Syslog on Workspaceone UEM console with the information.Syslog Hostname=localhost and Port=514

    Note: This is applicable for Unified Access Gateway 3.7 and later.
    Click Add to add the server details. The added details appear in a table on the Syslog Server Settings window but are not saved to the back-end until you click Save.
    Syslog Audit URL Enter the Syslog server URL that is used for logging Unified Access Gateway audit events. This value can be a URL or a host name or IP address. If you do not set the syslog server URL, no audit events are logged.

    Maximum number of two URLs can be provided. URLs are separated by a comma. Example: syslog://server1.example.com:514, syslog://server2.example.com:514

    Syslog client certificate
    Select a valid Syslog client certificate in the PEM format.
    Note: The client certificate and key, when configured is applied to all the servers configured in the TLS mode.
    Syslog client certificate key

    Select a valid Syslog client certificate key in the PEM format.

    Note: When Unified Access Gateway is deployed using PowerShell, if an invalid or expired certificate or key is provided, the admin UI instance will be not be available.
    Syslog Include System Messages Toggle Yes to enable system services such as haproxy, cron, ssh, kernel, and system to send system messages to the syslog server.

    By default, the toggle is set to No.

    Alternately, this feature can also be configured through the PowerShell deployment. For more information about the setting in the INI file, see Using PowerShell to Deploy the Unified Access Gateway Appliance.

  4. Click Save.

    If you want to change the added Sylsog servers' settings, click the gearbox icon corresponding to the servers listed in the table. A window appears with the server details. After making the changes, click OK to update the details and then click Save to save the details to the back-end.