To save logging history externally, you can configure Workspace ONE Access to export application level events from the Workspace ONE Access service to external syslog servers. Operating system events are not exported.
You can configure syslog servers to use either TCP or UDP protocol. If you use TCP over TLS, you upload an SSL certificate.
If you do not specify a syslog server during the initial configuration, you can configure it later by logging in to the VA Configuration page of the service node you want to configure and selecting Configure Syslog. For example, select Dashboard > System Diagnostics Dashboard > VA Configuration > Configure Syslog.
Prerequisites
- Set up an external syslog server. You can use any of the standard syslog servers available.
- Ensure that Workspace ONE Access can reach the syslog server.
- If using TCP protocol, a trusted root certificate to upload is required.
Procedure to Configure a Syslog Server
- Log in o the Workspace ONE Access console.
- Select .
- Click VA Configuration of the service node you want to configure and log in with the admin user password.
- Select Configure Syslog.
- Select Enable.
- Select a network protocol
UDP Workspace ONE Access transfers logs to syslog servers using the UDP protocol. TCP Workspace ONE Access transfers logs to syslog servers using the TLS protocol. TCP over TLS Workspace ONE Access transfers logs to syslog servers using the TCP over TLS protocol. - If you select the TCP over TLS network protocol, click Choose File to navigate to the root certificate PEM file to import.
Note: The certificate Common Name must match the syslog hostname or IP address provided while configuring syslog with TCP, otherwise the certificate validation might fail. The syslog server must be configured with a certificate to use the TCP over TLS option.
- In the Syslog Servers section, add the syslog hostname or IP address with the port number. If you do not provide a port number, the system uses port 514.
To add another syslog servers, click the + symbol.
- Click Save.
Deactivate the Syslog Service
- To deactivate the syslog service, on the VA Configuration > Configure Syslog page, select Disable.
- Click Save.