Configuring a syslog server

Syslog messages are a standard for sending event notification messages. These messages can be stored locally or on an external syslog server. API Security Enforcer (ASE) generates and sends syslog messages to an external syslog server over UDP. All the syslog messages sent belong to the informational category.

About this task

To configure the syslog server:

Steps

Configure the IP address or hostname and port number of the syslog server in the ase.conf file to send syslog messages to the external server.
To stop generating syslog messages, remove the syslog server definition from the ase.conf file, and then stop and start ASE.

Result:

The following is a snippet from the ase.conf file:
```
; Syslog server settings. The valid format is host:port. Host can be an FQDN or an IPv4
address.
syslog_server=
```

To show the configured syslog server, run the list_sys_log_server command.

Example:

/opt/pingidentity/bin/cli.sh list_syslog_server -u admin -p
192.168.11.108:514, messages sent: 4, bytes sent: 565

Result:

The following is a sample message sent to the syslog server:

Aug 16 06:16:49 myhost ase_audit[11944] origin: cli, resource: add_api, info: config_file_path=/opt/pingidentity/ase/api.json, username=admin
Aug 16 06:16:56 myhost ase_audit[11944] origin: cli, resource: list_api, info: username=admin