User activity log forwarding to syslog servers

Description

You enable the forwarding of CLM user activity logs to a remote syslog server by specifying the syslog server parameters in the nsp—modules—logging—forwarding—activityLogs—syslog section of the CLM configuration file.

Note: A syslog server address can be an IPv4 or IPv6 address, or a hostname or FQDN that the local CLM cluster can resolve.

In order to secure the forwarding of logs to a syslog server, you must generate a TLS certificate on the syslog server, and transfer the certificate to the caCertPath location that you specify in the activityLogs section of the CLM configuration file. During initialization, the CLM imports the certificate to the local TLS truststore.