Symantec Privileged Access Management

  • Private Community
 View Only

  • 1.  SYSLOG with SSL

    Posted 30 days ago

    Hi Community,

    Does someone could integrate PAM with SYSLOG SIEM using ssl communication? I took a look into the documentation and inside of PAM, but no luck.

    I'll appreciate your comments,
    Kind regards,
    Daniel



  • 2.  RE: SYSLOG with SSL

    Broadcom Employee
    Posted 30 days ago

    Hello Daniel, From documentation page Configure a Remote Syslog Server, step 8:

    Optionally, select 
    TLS
     to ensure that data is sent over a secure communication channel. 
    If you want to use the 
    Enable TLS
     feature with PAM, make sure to configure TLS on the Syslog server as well.

    Original Message


  • 3.  RE: SYSLOG with SSL

    Posted 29 days ago

    Hi Ralph,

    Thank you so much for your response!!! I tried as the documentation describes, but I didn't find it in PAM. Take a look to the screenshot.


    Original Message


  • 4.  RE: SYSLOG with SSL
    Best Answer

    Broadcom Employee
    Posted 29 days ago

    Hello Daniel,

    On the line just preceeding the one I pointed you to earlier, our documentation says (step 7):

    "Select the desired Protocol to use: TCP or UDP. If you select TCP, the TLS option becomes available."
    Your screenshot shows that you have the UDP protocol selected. UDP is a one-way protocol and therefore cannot support a TLS connection, which requires a two-way handshake.

    Original Message


  • 5.  RE: SYSLOG with SSL

    Posted 26 days ago

    Thanks Ralf, you're right. 


    Original Message


  • 6.  RE: SYSLOG with SSL

    Broadcom Employee
    Posted 25 days ago

    Hello Daniel,

    Looks like you are having an older version of CA PAM.

    Below is the screenshot from 4.2.2 version of CA PAM, here you can see the SSL option for Syslog.

    Thanks,
    Reatesh.


    Original Message


  • 7.  RE: SYSLOG with SSL

    Posted 24 days ago

    Thanks for the response.


    Original Message