Configuring remote logging using SSH reverse tunnel
Logging to a remote syslog server can be made cryptographically secure by using SSH reverse tunnel. The
syslog
daemon on the switch forwards log messages to the SSH tunnel, and the SSH tunnel endpoint on the remote server host forwards messages to the listening
syslog
server.
NOTE:
This procedure includes sample configuration commands for a user-supplied syslog server based on Ubuntu 14.04.5 LTS with
rsyslog
. It is up to the user to check their server documentation and adjust the sample commands as required. Optionally see your server documentation for information on how to use the
systemd
and
autossh
services to automatically restore the SSH tunnel after system reboot.
Prerequisites
The user-supplied remote syslog server must be on a network that can reach the switch management interface.
Procedure