Set Up Secure Audit Logging - Cisco TelePresence SX10 Quick Set Administrator's Manual

Cisco TelePresence SX10 Quick Set

Introduction

Set up secure audit logging

Sign in to the web interface and navigate to
1. Open the Security category.
2. Find the Audit > Server
settings, and enter the
Address of the audit server.
If you set PortAssignment to
Manual, you must also enter
a Port number for the audit
server.
3. Set Audit > Logging > Mode
to ExternalSecure.
4. Click Save for the change to
take effect.
D15330.16 SX10 Administrator Guide CE9.9, OCTOBER 2019.
Configuration Configuration Peripherals
Setup > Configuration. The certificate authority (CA) that verifies the certificate
of the audit server must be in the device's list of trusted
certificate authorities. Otherwise, logs will not be sent to
the external server.
Refer to the
chapter how to update the list.
Maintenance
► Upload a CA certificate to the device
www.cisco.com — Copyright © 2019 Cisco Systems, Inc. All rights reserved.
57
Administrator Guide
Device settings Appendices
About secure audit logging
When audit logging is enabled, all sign in
activity and configuration changes on the
device are recorded.
Use the Security > Audit > Logging >
Mode setting to enable audit logging.
Audit logging is disabled by default.
In ExternalSecure audit logging mode
the device sends encrypted audit logs to
an external audit server (syslog server),
which identity must be verified by a
signed certificate.
The signature of the audit server is
verified using the list of pre-installed CA
certificates or the custom CA list.
If the audit server authentication fails, no
audit logs are sent to the external server.