Logging¶
This section covers the configuration of the logging service. To display log messages, refer to the show log documentation.
Local Logging Configuration¶
It is possible to change the maximum logging level that will be displayed in the system logs. The possible logging levels are (from the lowest to the highest):
Emergency
Alert
Critical
Error
Warning
Notice
Informational
Debug
The maximum logging level displayed means that if the system log-level is set
to warning
, all logs of type Emergency
, Alert
, Critical
, Error
and
Warning
will be displayed, but Notice
, Informational
, and Debug
will be
hidden.
By default, the system logging level is set to info (Informational)
.
The system logging level can be changed at any time as follows
(in the following example, we set it to debug
):
vsr running config# / system logging
vsr running logging# log-level debug
vsr running logging# commit
Let us verify that the logging level value has been properly applied:
vsr running config# show state / system logging
logging
log-level debug
rate-limit
interval 30
burst 1000
..
disk-usage 4.7M
..
It is also possible to configure the rate limiting that is applied to all messages
generated on the system by changing rate limit interval
and burst
values.
vsr running config# / system logging
vsr running logging# rate-limit interval 20 burst 2000
vsr running logging# commit
If, in the time interval defined by interval
(in seconds), more messages than
specified in burst
are logged by a service, all further messages within the
interval are dropped until the interval is over. A message about the number of
dropped messages is generated. This rate limiting is applied per-service, so
that two services which log do not interfere with each other’s limits.
Defaults to 1000 messages in 30s.
To turn off any kind of rate limiting, set either value to 0.
Let’s check the rate limit values have been applied properly:
vsr running config# show state / system logging
logging
log-level info
rate-limit
interval 20
burst 2000
..
disk-usage 6.1M
..
Note that disk-usage
shows the sum of the file system usage of all archived
and active journal files. The journal size is limited to half the size of the
partition where the logs are located, up to a maximum of 4GB.
The same configuration can be made using this NETCONF XML configuration:
vsr running config# show config xml absolute / system logging
<config xmlns="urn:6wind:vrouter">
<system xmlns="urn:6wind:vrouter/system">
<logging xmlns="urn:6wind:vrouter/logging">
<rate-limit>
<interval>20</interval>
<burst>2000</burst>
</rate-limit>
</logging>
</system>
</config>
See also
The command reference for details about the API, and the show-log command.
Remote Syslog Configuration¶
syslog
is a standard for message logging. It allows separation of the software
that generates messages, the system that stores them, and the software that
reports and analyzes them. Each message is labeled with a facility code,
indicating the software type generating the message, and assigned a level.
Here we explain how to setup remote logging to a distant server.
Client Configuration¶
The syslog
client can be configured for sending log messages to remote
servers:
vsr running config# / vrf main logging syslog
vsr running syslog#! remote-server 10.125.0.2 protocol tcp port 514
vsr running syslog# commit
In this example, logs will be sent in TCP to remote server at address 10.125.0.2 and remote port 514 (which is the default).
It is also possible to set the source address used to reach the remote server:
vsr running syslog# remote-server 10.125.0.2 source 192.168.42.1
vsr running syslog# commit
To check the values have been applied in the system:
vsr running config# show state / vrf main logging syslog
syslog
enabled true
remote-server 10.125.0.2
source 192.168.42.1
protocol tcp
port 514
log-filter facility any
..
..
Note
Do not configure syslog in multiple vrfs.
Server Configuration¶
Here we provide an example configuration for the distant log server.
We assume the server is running Ubuntu 16.04 and that the rsyslog
package is
installed.
Open the rsyslog
configuration file:
# vi /etc/rsyslog.conf
Find and uncomment the following lines to make your server to listen on the udp and tcp ports:
[...]
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
[...]
# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="514")
[...]
Create a template file where we will create a new custom log format under the
/etc/rsyslog.d/
directory:
# vi /etc/rsyslog.d/tmpl.conf
Add the following lines:
$template TmplAuth, "/var/log/client_logs/%HOSTNAME%/%PROGRAMNAME%.log"
$template TmplMsg, "/var/log/client_logs/%HOSTNAME%/%PROGRAMNAME%.log"
authpriv.* ?TmplAuth
*.info;mail.none;authpriv.none;cron.none ?TmplMsg
Reload the rsyslog
service:
# systemctl restart rsyslog
See also
The command reference for details about the API.
Remote Log Filtering Configuration¶
Logs sent to the remote servers can be configured using the log-filter
command in the remote-server
sub-context.
vsr running remote-server 10.125.0.2# log-filter facility <NAME> level <LEVEL>
The first argument of the log-filter
command is the facility on which the
filter will be applied. Here is the list of available facilities:
facility name |
purpose |
---|---|
any |
messages coming from ALL facilities |
kernel |
messages coming from the kernel |
messages coming from mail system |
|
user |
user-level messages |
auth |
security/authorization messages |
authpriv |
security/authorization messages (private) |
cron |
messages coming from the cron daemon |
daemon |
messages coming from daemons |
FTP |
messages coming from the FTP daemon |
syslog |
messages generated internally by the logging daemon |
uucp |
messages coming from the Unix to Unix Copy Protocol |
The second argument is the log level. This argument can be a single syslog
severity, a list of severities, or a severity preceded by greater-or-equal
.
not
can also be used to negate a severity. none
discards all messages for
the facility. By default all messages are selected.
This table introduces the list of syslog severities from the most serious to the least:
syslog severity |
purpose |
---|---|
emergency |
system is unusable |
alert |
action must be taken immediately |
critical |
critical conditions |
error |
error conditions |
warning |
warning conditions |
notice |
normal but significant condition |
info |
informational messages |
debug |
debug-level messages |
Note
By default, if no filters are set, all log messages from all facilities are sent to the remote server. This implicit filter rule is replaced as soon as a rule is set.
Each service has its own logging policy with regards to syslog facilities and severities. Refer to the services’ documentation for details.
Here are some examples:
Send all messages greater or equal to error for all facilities:
vsr running remote-server 10.125.0.2# log-filter facility any level greater-or-equal error
Send all messages from the kernel facility:
vsr running remote-server 10.125.0.2# log-filter facility kernel level any
Restrict the auth facility to emergency level:
vsr running remote-server 10.125.0.2# log-filter facility auth level emergency
Disable all messages coming from the mail facility:
vsr running remote-server 10.125.0.2# log-filter facility mail level none
Transport Layer Security Configuration¶
The TLS configuration enables syslog messages encryption and servers authentication.
Entering the tls
sub-context:
vsr running config# / vrf main logging syslog tls
vsr running tls#!
Client Configuration¶
Configure the server authentication mode:
vsr running tls# server-authentication
anonymous|(name NAME [NAME [...]])|(fingerprint FP [FP [...]])|certificate
- anonymous
The servers are not authenticated.
- name NAME
The servers are authenticated if their certificate’s common name match. Many names can be set.
- fingerprint FP
The servers are authenticated if their certificate’s fingerprint match. Many fingerprints can be set.
- certificate
Validate only the server’s certificate.
Note
Only one server authentication mode can be chosen at a time.
Add the certificate authority’s certificate:
vsr running tls# ca-certificate CERT
- CERT
The CA certificate between quotes.
The following options (certificate
and private-key
) are optional if the
server doesn’t authenticate its clients.
Add the client’s certificate:
vsr running tls# certificate CERT
- CERT
The client’s certificate between quotes.
Add the client’s private key:
vsr running tls# private-key KEY
- KEY
The client’s certificate key between quotes.
Note
The certificate and the private key have to be generated from the CA.
A minimal configuration is to add the
certificate-authority
and set theserver-authentication
option toanonymous
, which is not recommended as servers and clients are not authenticated.
Server Configuration¶
See the rsyslog web documentation for details about how to configure an rsyslog server with TLS encryption.
Configuration Example¶
vsr> edit running
vsr running config# vrf main
vsr running vrf main# logging syslog
vsr running syslog#! remote-server 10.125.0.2
vsr running remote-server 10.125.0.2# protocol tcp
vsr running remote-server 10.125.0.2# port 514
vsr running remote-server 10.125.0.2# log-filter facility any level greater-or-equal error
vsr running remote-server 10.125.0.2# log-filter facility kernel level any
vsr running remote-server 10.125.0.2# log-filter facility auth level emergency
vsr running remote-server 10.125.0.2# log-filter facility mail level none
vsr running remote-server 10.125.0.2# ..
vsr running syslog# tls
vsr running tls#! ca-certificate "-----BEGIN CERTIFICATE-----
... MIID3zCCAkegAwIBAgIIXH6dxQIfVrcwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
... AxMCQ0EwHhcNMTkwMzA1MTYwMzE4WhcNMjExMTI4MTYwMzIyWjANMQswCQYDVQQD
... EwJDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJmOTcw0mfZHwZQG
... K0QM8d0d38x5ABO45sxgiwx5SRwg0jC32Zpqc+b+JyNMH14IUHMYIoxifLEDMtKv
... 0Lg77ARH37cyuqdIDsMkVXI//mgbHx6Qg8Wry0SkgJPby9jRwutz2G49ZtipmrRu
... zXvRjEHrBbfyqvjZmGc2A0Nc1Bp98lViTMWa3BKG9Ym2OTr/PtJpxvYnb85H89fs
... bFjVzQbyyIDFoTmnoaykBzMRGtxzjW/BUL3IzTvHTjFdHzJh7i8OKKyLyepc573p
... b1uTWJJ8Sg8nS46tAU18G+7Y4pYMYh3gGEN9VuiPFV/vzWA7h5dELGOQe3tzSDSS
... 6XnILvQW1yN2R9LQ9ZO8Xl8pEiJ/pwGfcBvIWPHPJDH8TnH3ZcvVwQNt98YwbmUx
... HGYR+2cfP+S6sTvw2ccvz4uENfKVstYTeVRrRHdTpHK7dzUWEU9UAWPpXOufLV69
... Zr6M3fBrBmDUrVaL864kPoDiCMNhtGDhU+Q3nQSvFH8HBTm3zwIDAQABo0MwQTAP
... BgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFF6FET3m
... 9NiPfbYqwF60m3yGTwXXMA0GCSqGSIb3DQEBCwUAA4IBgQAHWozkh382EAI7i0wW
... CG94WJbxTTNnwA2e6FWqOhSItr4RnfzeHm/DbmfNYlRKYAqGIsjzGLmWz+NozqOg
... Q6qK+RvGjr70zAXuygtRRzi32xuWbAijyx03VRv/FH91F8gf3plR3cNiAhVAW+ef
... xHiGzTrZh8E1HrrIJRj+uoQx66zxkIMZ8nEckxoqs0jFxKY4/7sQ9mQAonlSQg9b
... Y+gJUecbT5Ff2SSyiUCM6XN0FuU/rXglrblscPdFUZeyX24TxWI36qtqYqmJff+d
... aniGfJlJ49Sg3iIoia3zXq7LTl4ZEfSgRhb6V6eDzwX1vhx00O5pGQRwAzwOwBaT
... k+IevZtdlKrEhycvrEoxSH70lPfgHBVJ5QrP8OKkBR5WVaOfcQL/n+703ARepPH9
... NjOAv+HazTPzVDIZwQg+fjftVZtR4CRlaeHGXZy8Tj3SkgiX5SOkTrb0nSHSwoTA
... taiY8eM9lD3siHbuGl/JT3wC8FXvq/cMhougM8NgzgEQ0Zc=
... -----END CERTIFICATE-----"
vsr running tls#! certificate "-----BEGIN CERTIFICATE-----
... MIIDoTCCAgmgAwIBAgIIXH6fERmi2VkwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
... AxMCQ0EwHhcNMTkwMzA1MTYwODUxWhcNMjExMTI4MTYwODUzWjARMQ8wDQYDVQQD
... EwZjbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC465HIizN9
... 3qzopW7tD57FjkccmmySPVHWm3dK1dZytSl1ChCPf9rGAXcqagnXFGsjIoKULCWV
... 6eUMa6VQTw4XXIR1dn+x3pfGEp9of/6DR1dzK4UCpXrx4UIKQtDQ1R6UQ8QV1BaI
... ZNvR5XllHD/sS8LUcw8xGilKi+M0x6aPSJAtxoXgX2gn0w3Qn/SzxbCztNizPZO4
... Bk+YEVs6/vK2uyy87tISIkud2HhbxUkckySLawDZxbHr0xTgwcf4jz05GDXMokGx
... dRGVRNeRHfnDS9PZQoyvFeHKmsIrf8VqcMf6qtPGpjBnCm6WDq/rjosD1ZahQ1a7
... MXsoOxg314MJAgMBAAGjgYAwfjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
... AQUFBwMCBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRrHgQ2
... 0vRIncZcD9MKUa6CfUSghjAfBgNVHSMEGDAWgBRehRE95vTYj322KsBetJt8hk8F
... 1zANBgkqhkiG9w0BAQsFAAOCAYEABiDq/MS/YdXiNDE4lcE5A1qy3+S9WjPsx0ql
... zQjr0cN/v/KvEg9Sl8dddtg1HTtdl/Wx57JjrmWymecM5E/HSU/3sxWNHSgjpJsn
... gG4621jwrDWFvuzJHh1jJQyvNa6q++KmI1/UbD9vL+g07Ity2zsRY4vxw6nmDfr5
... Vw6Ml8zh8wD605lJm1AdR20518QfDNhm1mRdAuBacBO00J9/fC0zouOxgSy1W/ha
... 2PUJNf4nxNkQBngfMHKzf/fTmzticQ54Js/LoTkOCEBbhqpajJ//eE6Bx5CIauJN
... dUO6vfryih4wZ5rqsVk57i6lU1jBikvNnrai68MRzst4NUJBi0GVACfQv9efnyEM
... LO3XAMMJUgZNvsrQbVZT1vJnfFehlrxgdXP8c9jiXSFnjZ7SjptxxQzOodaE+2jN
... 7KCJsizW4miGQQyyeBoiQlIF9kjLT5kF41acACTzuPlDxOLo0OG3CB4APDvc8xWo
... J+z2SxQrkTVB5AHT7DyC+Zfjmnu6
... -----END CERTIFICATE-----"
vsr running tls#! private-key "-----BEGIN RSA PRIVATE KEY-----
... MIIEpAIBAAKCAQEAuOuRyIszfd6s6KVu7Q+exY5HHJpskj1R1pt3StXWcrUpdQoQ
... j3/axgF3KmoJ1xRrIyKClCwllenlDGulUE8OF1yEdXZ/sd6XxhKfaH/+g0dXcyuF
... AqV68eFCCkLQ0NUelEPEFdQWiGTb0eV5ZRw/7EvC1HMPMRopSovjNMemj0iQLcaF
... 4F9oJ9MN0J/0s8Wws7TYsz2TuAZPmBFbOv7ytrssvO7SEiJLndh4W8VJHJMki2sA
... 2cWx69MU4MHH+I89ORg1zKJBsXURlUTXkR35w0vT2UKMrxXhyprCK3/FanDH+qrT
... xqYwZwpulg6v646LA9WWoUNWuzF7KDsYN9eDCQIDAQABAoIBAHWjhw6pX4yHiEBI
... XhT5huvu41ZS9xbhY5q/NFirSM2YalNGn9pqX+bvL7wP0Uq+dpnXbnKM0yxXq5sH
... MBey8yfxd2Kyi/G/xZYAauCz7FnfnMZrvSY918TgpH6amvT/X4C6y5eHYP5MC3uw
... HFYybogIel1lBRkbp4EBFP2StWcYkQd2k7kEAhbk68IKzFLgDf9o6RL8/uSFHVds
... K6946+LRfu0KmMP6QmfI2pGdKwKPiTylVI68SVwQBINLuNOtLPx5zgm1E9wGBghq
... FgBOwHt0vjFOOeql+sjc7MLKv6iR56zDZupnv4rPnz5U9vCv83ApY4BcCmkFPlwd
... A7oPMcECgYEA6OTdIn8A9dG58/jppEdhXOFQSOZjyK4tYMZVdLhg2TU9+0StbePe
... Qf0p8pc/7RtiOwyNu2fpJz3Q5vgfAlUPxSXkxukNfb9uCmAJNmKfYWMtRff/maFU
... E+Vei3MhG7NeR1SfcUEi0zUwW0hhpoIEdrRtWnD5fpWkzdkPh2bT8c0CgYEAy0Q/
... W2A9o3cW8qZHlA3nNT8hoT06v6hKcVVfPKwyG8ql4VYCCYjaXHvxY0sXtweV+2yM
... 8v4sdn0GeVcJUFBri8NJYBTnuRtzTiZfbMDsR7QPwiIf7hyRaQF1KTBUO+givGOp
... XRUa97FUNHkyZUKwyWw8neG+tqOMx28ULz20Ci0CgYEA2bdqCp+T9DmVjr/5Gzwn
... hr6TYTMPwUEi5r9CkBT1ZNjjEoyHXJ2S3zmeB0zh0/Svhegcbz+atLaTHfiCdJm0
... XmcoUdL4a7+TTVuuAQt9V3txjWFjrukkQl1AXzjHkK/DyQcQ7r0noy6sAAnQT+pn
... 5diSCeRnOLEIGe97FudH51kCgYBBhGn3hfnYKpaW98myixivLP4l/pplFFWKWj4s
... TESKeLMnApX9hML9dGXF33pxYFyTgdWcrRifyITBr7As1v8TOYr5EUPvgk2ULwIr
... B7QhGITLyjwIf+TOt82PzSgZdyVbG7SHcDoVBG9jynzX7rsU8XJIYW8bZ3QFBGS5
... JWZWsQKBgQDDan2dN5URjua5zfJBBt4q92bMbkHlZIzQYpRsPv4vOXzVn6Y13Sy8
... uFmYrar4AOHQhpabIvH6MNpgJHK04g1ZALQrq3JIO+wpq6Mf4wyOXTANvLZCHjm/
... LhhDVcUs1nlM6zofsghgiYAcXQmZdDOrsv7POOg54eOY0/8d2yRCJQ==
... -----END RSA PRIVATE KEY-----"
vsr running tls#! server-authentication name server.example.org server-backup.example.org
vsr running tls#
The same configuration can be made using this NETCONF XML configuration:
vsr> show config xml absolute vrf main logging syslog
<config xmlns="urn:6wind:vrouter">
<vrf>
<name>main</name>
<logging xmlns="urn:6wind:vrouter/logging">
<syslog>
<enabled>true</enabled>
<remote-server>
<host>10.125.0.2</host>
<protocol>tcp</protocol>
<port>514</port>
<log-filter>
<facility>any</facility>
<level>
<greater-or-equal>error</greater-or-equal>
</level>
</log-filter>
<log-filter>
<facility>kernel</facility>
<level>
<equal>any</equal>
</level>
</log-filter>
<log-filter>
<facility>auth</facility>
<level>
<equal>emergency</equal>
</level>
</log-filter>
<log-filter>
<facility>mail</facility>
<level>
<equal>none</equal>
</level>
</log-filter>
</remote-server>
<tls>
<enabled>true</enabled>
<server-authentication>
<name>
<name>server.example.org</name>
<name>server-backup.example.org</name>
</name>
</server-authentication>
<ca-certificate>-----BEGIN CERTIFICATE-----
MIID3zCCAkegAwIBAgIIXH6dxQIfVrcwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
AxMCQ0EwHhcNMTkwMzA1MTYwMzE4WhcNMjExMTI4MTYwMzIyWjANMQswCQYDVQQD
EwJDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJmOTcw0mfZHwZQG
K0QM8d0d38x5ABO45sxgiwx5SRwg0jC32Zpqc+b+JyNMH14IUHMYIoxifLEDMtKv
0Lg77ARH37cyuqdIDsMkVXI//mgbHx6Qg8Wry0SkgJPby9jRwutz2G49ZtipmrRu
zXvRjEHrBbfyqvjZmGc2A0Nc1Bp98lViTMWa3BKG9Ym2OTr/PtJpxvYnb85H89fs
bFjVzQbyyIDFoTmnoaykBzMRGtxzjW/BUL3IzTvHTjFdHzJh7i8OKKyLyepc573p
b1uTWJJ8Sg8nS46tAU18G+7Y4pYMYh3gGEN9VuiPFV/vzWA7h5dELGOQe3tzSDSS
6XnILvQW1yN2R9LQ9ZO8Xl8pEiJ/pwGfcBvIWPHPJDH8TnH3ZcvVwQNt98YwbmUx
HGYR+2cfP+S6sTvw2ccvz4uENfKVstYTeVRrRHdTpHK7dzUWEU9UAWPpXOufLV69
Zr6M3fBrBmDUrVaL864kPoDiCMNhtGDhU+Q3nQSvFH8HBTm3zwIDAQABo0MwQTAP
BgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFF6FET3m
9NiPfbYqwF60m3yGTwXXMA0GCSqGSIb3DQEBCwUAA4IBgQAHWozkh382EAI7i0wW
CG94WJbxTTNnwA2e6FWqOhSItr4RnfzeHm/DbmfNYlRKYAqGIsjzGLmWz+NozqOg
Q6qK+RvGjr70zAXuygtRRzi32xuWbAijyx03VRv/FH91F8gf3plR3cNiAhVAW+ef
xHiGzTrZh8E1HrrIJRj+uoQx66zxkIMZ8nEckxoqs0jFxKY4/7sQ9mQAonlSQg9b
Y+gJUecbT5Ff2SSyiUCM6XN0FuU/rXglrblscPdFUZeyX24TxWI36qtqYqmJff+d
aniGfJlJ49Sg3iIoia3zXq7LTl4ZEfSgRhb6V6eDzwX1vhx00O5pGQRwAzwOwBaT
k+IevZtdlKrEhycvrEoxSH70lPfgHBVJ5QrP8OKkBR5WVaOfcQL/n+703ARepPH9
NjOAv+HazTPzVDIZwQg+fjftVZtR4CRlaeHGXZy8Tj3SkgiX5SOkTrb0nSHSwoTA
taiY8eM9lD3siHbuGl/JT3wC8FXvq/cMhougM8NgzgEQ0Zc=
-----END CERTIFICATE-----</ca-certificate>
<certificate>-----BEGIN CERTIFICATE-----
MIIDoTCCAgmgAwIBAgIIXH6fERmi2VkwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
AxMCQ0EwHhcNMTkwMzA1MTYwODUxWhcNMjExMTI4MTYwODUzWjARMQ8wDQYDVQQD
EwZjbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC465HIizN9
3qzopW7tD57FjkccmmySPVHWm3dK1dZytSl1ChCPf9rGAXcqagnXFGsjIoKULCWV
6eUMa6VQTw4XXIR1dn+x3pfGEp9of/6DR1dzK4UCpXrx4UIKQtDQ1R6UQ8QV1BaI
ZNvR5XllHD/sS8LUcw8xGilKi+M0x6aPSJAtxoXgX2gn0w3Qn/SzxbCztNizPZO4
Bk+YEVs6/vK2uyy87tISIkud2HhbxUkckySLawDZxbHr0xTgwcf4jz05GDXMokGx
dRGVRNeRHfnDS9PZQoyvFeHKmsIrf8VqcMf6qtPGpjBnCm6WDq/rjosD1ZahQ1a7
MXsoOxg314MJAgMBAAGjgYAwfjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
AQUFBwMCBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRrHgQ2
0vRIncZcD9MKUa6CfUSghjAfBgNVHSMEGDAWgBRehRE95vTYj322KsBetJt8hk8F
1zANBgkqhkiG9w0BAQsFAAOCAYEABiDq/MS/YdXiNDE4lcE5A1qy3+S9WjPsx0ql
zQjr0cN/v/KvEg9Sl8dddtg1HTtdl/Wx57JjrmWymecM5E/HSU/3sxWNHSgjpJsn
gG4621jwrDWFvuzJHh1jJQyvNa6q++KmI1/UbD9vL+g07Ity2zsRY4vxw6nmDfr5
Vw6Ml8zh8wD605lJm1AdR20518QfDNhm1mRdAuBacBO00J9/fC0zouOxgSy1W/ha
2PUJNf4nxNkQBngfMHKzf/fTmzticQ54Js/LoTkOCEBbhqpajJ//eE6Bx5CIauJN
dUO6vfryih4wZ5rqsVk57i6lU1jBikvNnrai68MRzst4NUJBi0GVACfQv9efnyEM
LO3XAMMJUgZNvsrQbVZT1vJnfFehlrxgdXP8c9jiXSFnjZ7SjptxxQzOodaE+2jN
7KCJsizW4miGQQyyeBoiQlIF9kjLT5kF41acACTzuPlDxOLo0OG3CB4APDvc8xWo
J+z2SxQrkTVB5AHT7DyC+Zfjmnu6
-----END CERTIFICATE-----</certificate>
<private-key>-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAuOuRyIszfd6s6KVu7Q+exY5HHJpskj1R1pt3StXWcrUpdQoQ
j3/axgF3KmoJ1xRrIyKClCwllenlDGulUE8OF1yEdXZ/sd6XxhKfaH/+g0dXcyuF
AqV68eFCCkLQ0NUelEPEFdQWiGTb0eV5ZRw/7EvC1HMPMRopSovjNMemj0iQLcaF
4F9oJ9MN0J/0s8Wws7TYsz2TuAZPmBFbOv7ytrssvO7SEiJLndh4W8VJHJMki2sA
2cWx69MU4MHH+I89ORg1zKJBsXURlUTXkR35w0vT2UKMrxXhyprCK3/FanDH+qrT
xqYwZwpulg6v646LA9WWoUNWuzF7KDsYN9eDCQIDAQABAoIBAHWjhw6pX4yHiEBI
XhT5huvu41ZS9xbhY5q/NFirSM2YalNGn9pqX+bvL7wP0Uq+dpnXbnKM0yxXq5sH
MBey8yfxd2Kyi/G/xZYAauCz7FnfnMZrvSY918TgpH6amvT/X4C6y5eHYP5MC3uw
HFYybogIel1lBRkbp4EBFP2StWcYkQd2k7kEAhbk68IKzFLgDf9o6RL8/uSFHVds
K6946+LRfu0KmMP6QmfI2pGdKwKPiTylVI68SVwQBINLuNOtLPx5zgm1E9wGBghq
FgBOwHt0vjFOOeql+sjc7MLKv6iR56zDZupnv4rPnz5U9vCv83ApY4BcCmkFPlwd
A7oPMcECgYEA6OTdIn8A9dG58/jppEdhXOFQSOZjyK4tYMZVdLhg2TU9+0StbePe
Qf0p8pc/7RtiOwyNu2fpJz3Q5vgfAlUPxSXkxukNfb9uCmAJNmKfYWMtRff/maFU
E+Vei3MhG7NeR1SfcUEi0zUwW0hhpoIEdrRtWnD5fpWkzdkPh2bT8c0CgYEAy0Q/
W2A9o3cW8qZHlA3nNT8hoT06v6hKcVVfPKwyG8ql4VYCCYjaXHvxY0sXtweV+2yM
8v4sdn0GeVcJUFBri8NJYBTnuRtzTiZfbMDsR7QPwiIf7hyRaQF1KTBUO+givGOp
XRUa97FUNHkyZUKwyWw8neG+tqOMx28ULz20Ci0CgYEA2bdqCp+T9DmVjr/5Gzwn
hr6TYTMPwUEi5r9CkBT1ZNjjEoyHXJ2S3zmeB0zh0/Svhegcbz+atLaTHfiCdJm0
XmcoUdL4a7+TTVuuAQt9V3txjWFjrukkQl1AXzjHkK/DyQcQ7r0noy6sAAnQT+pn
5diSCeRnOLEIGe97FudH51kCgYBBhGn3hfnYKpaW98myixivLP4l/pplFFWKWj4s
TESKeLMnApX9hML9dGXF33pxYFyTgdWcrRifyITBr7As1v8TOYr5EUPvgk2ULwIr
B7QhGITLyjwIf+TOt82PzSgZdyVbG7SHcDoVBG9jynzX7rsU8XJIYW8bZ3QFBGS5
JWZWsQKBgQDDan2dN5URjua5zfJBBt4q92bMbkHlZIzQYpRsPv4vOXzVn6Y13Sy8
uFmYrar4AOHQhpabIvH6MNpgJHK04g1ZALQrq3JIO+wpq6Mf4wyOXTANvLZCHjm/
LhhDVcUs1nlM6zofsghgiYAcXQmZdDOrsv7POOg54eOY0/8d2yRCJQ==
-----END RSA PRIVATE KEY-----</private-key>
</tls>
</syslog>
</logging>
</vrf>
</config>