Use the Syslog Settings screen to configure Apex Central to forward supported logs to a syslog server.
For more information, see the following topics:
The Syslog Settings screen appears.
Server address: Syslog server IP address or FQDN
Port: Syslog server port number
Protocol: Select the transmission protocol
If SSL/TLS is selected, Apex Central accepts valid self-signed certificates by default.
If the server certificate contains a Subject Alternative Name, the Subject Alternative Name must contain the server FQDN or IP address.
For additional security, use a valid server certificate or upload the server certificate to Apex Central.
Apex Central only supports server certificates in X.509 format with .DER or .PEM encoding.
Apex Central only supports uploading server certificates for SSL/TLS transmissions.
Apex Central uploads the selected server certificate.
CEF: Uses the standard Common Event Format (CEF) for log messages
Apex Central format: Sets the syslog Facility code to "Local0" and the Severity code to "Notice"
For more information, see Supported Log Types and Formats.
You can select log types from multiple log categories.
Apex Central displays the total number of selected log types next to the Log type drop-down list.
Testing the connection does not save the syslog server settings.
The syslog server connection status appears at the top of the screen.
Apex Central starts forwarding logs to the configured syslog server.
To monitor the log forwarding status, go to Administration > Command Tracking and select Forward Syslog from the Command drop-down list.
For more information, see Querying and Viewing Commands.