You can configure an external auditing server, such as a syslog server, for auditing and monitoring the Advanced Edition events.
You must configure the root certificate for the audit server in SecureLogin-Server-x.x.x.x\values.yaml before configuring the audit server on the web console. Advanced Edition supports only TCP connections using TLS1.2.
Create a folder named certs inside the server folder of the helm charts.
Copy the audit server root certificate to the certs folder.
Open SecureLogin-Server-x.x.x.x\values.yaml and specify the following details in the SSL section:
auditCert: Specify the name of the audit server certificate that you copied to the certs folder.
auditCertSecret: To configure the certificate for the first time, no need to change the value of secret. However, the next time onwards, you must modify both auditCert and auditCertSecret.
Save the file.
Perform a helm install or upgrade using the following command:
To install:
helm install <name-of-the-release> <name-of-the-helm-chart> -n <name-of-the-namespace>
For example, helm install slserver001 SecureLogin-Server-x.x.x.x -n nsl-namespace
To upgrade:
helm upgrade <release-name> <name-of-the-helm-chart> -n <name-of-the-namespace>
For example, helm upgrade slserver SecureLogin-Server-x.x.x.x -n my-ingress
Log in to the Advanced Edition web console.
URL: https://<dns>.<cluster_geo_location>.cloudapp.azure.com
Click Audit Server > Configure Audit Server.
Specify the following details:
|
Field |
Description |
|---|---|
|
Audit Server Name |
Specify a name for the audit server. |
|
IP address or Domain Name |
Specify the IP address of the audit server. |
|
Port Number |
Specify the port number of the audit server. You must configure a TCP port. For example, 512 |
|
Format |
Only CEF format is supported. |
Click Save.
You can later modify these values if required.