syslog with TLS/SSL

Question

Hi,
&nbsp;is there any possibility to encrypt syslog messages to a remote syslog server?&nbsp;&nbsp;
&nbsp;Ciao Stefan :)&nbsp;

mike_kahler_488 · Answer

There is a section in the 10.x TMOS Management Guide for setting up encrypted logging: 
&nbsp;  
&nbsp; https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos_management_guide_10_1/tmos_logging.html?sr=155090781022653 
&nbsp;  
&nbsp; I have not tested this.  Hope this helps.

stefan_klotz · Answer

Hi Mike,
&nbsp;thank you for the link, although it doesn't seem to be that easy. But maybe I will give it a try anyway.
&nbsp;In the meanwhile I had the idea to point the remote syslog server to a virtual server, which then has a serverside SSL profile assigned and the real syslog server in its pool.
&nbsp;Can anybody confirm if this is theoretical possible?&nbsp;
&nbsp;Ciao Stefan :)&nbsp;

hooleylist · Answer

Hi Stefan, 
&nbsp;  
&nbsp; The syslog based config might not be easy--but it might be worth the effort.   
&nbsp;  
&nbsp; Using a virtual server might be possible--but I think it could result in any messages generated before TMM starts being lost.  Also, you'd need your syslog server to support SSL.  I'm not sure most do. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

syslog with TLS/SSL

3 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

F5 ICAP over SSL/TLS (Secure ICAP) with F5 ASM/AWAF Antivirus Protection feature

TLS Fingerprinting to profile SSL/TLS clients without decryption

CLIENT_HELLO SSL TLS version insert

F5 Server SSL Profile using TLS 1.0 instead of TLS 1.2

SSL Profiles Part 11: TLS Optimization