Logging

This section covers the configuration of the logging service. To display log messages, refer to the show log documentation.

Local Logging Configuration

It is possible to configure the rate limiting that is applied to all messages generated on the system by changing rate limit interval and burst values.

vrouter running config# / system logging
vrouter running logging# rate-limit interval 20 burst 2000
vrouter running logging# commit

If, in the time interval defined by interval (in seconds), more messages than specified in burst are logged by a service, all further messages within the interval are dropped until the interval is over. A message about the number of dropped messages is generated. This rate limiting is applied per-service, so that two services which log do not interfere with each other’s limits.

Defaults to 1000 messages in 30s.

To turn off any kind of rate limiting, set either value to 0.

Let’s check the rate limit values have been applied properly:

vrouter running config# show state / system logging
logging
    rate-limit
        interval 20
        burst 2000
        ..
    disk-usage 6.1M
    ..

Note that disk-usage shows the sum of the file system usage of all archived and active journal files. The journal size is limited to half the size of the partition where the logs are located, up to a maximum of 4GB.

The same configuration can be made using this NETCONF XML configuration:

vrouter running config# show config xml absolute / system logging
<config xmlns="urn:6wind:vrouter">
  <system xmlns="urn:6wind:vrouter/system">
    <logging xmlns="urn:6wind:vrouter/logging">
      <rate-limit>
        <interval>20</interval>
        <burst>2000</burst>
      </rate-limit>
    </logging>
  </system>
</config>

See also

The command reference for details about the API, and the show-log command.

Remote Syslog Configuration

syslog is a standard for message logging. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the software type generating the message, and assigned a level.

Here we explain how to setup remote logging to a distant server.

Client Configuration

The syslog client can be configured for sending log messages to remote servers:

vrouter running config# / vrf main logging syslog
vrouter running syslog#! remote-server 10.125.0.2 protocol tcp port 514
vrouter running syslog# commit

In this example, logs will be sent in TCP to remote server at address 10.125.0.2 and remote port 514 (which is the default).

To check the values have been applied in the system:

vrouter running config# show state / vrf main logging syslog
syslog
    enabled true
    remote-server 10.125.0.2
        protocol tcp
        port 514
        log-filter facility any
        ..
    ..

Server Configuration

Here we provide an example configuration for the distant log server.

We assume the server is running Ubuntu 16.04 and that the rsyslog package is installed.

Open the rsyslog configuration file:

# vi /etc/rsyslog.conf

Find and uncomment the following lines to make your server to listen on the udp and tcp ports:

[...]
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
[...]
# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="514")
[...]

Create a template file where we will create a new custom log format under the /etc/rsyslog.d/ directory:

# vi /etc/rsyslog.d/tmpl.conf

Add the following lines:

$template TmplAuth, "/var/log/client_logs/%HOSTNAME%/%PROGRAMNAME%.log"
$template TmplMsg, "/var/log/client_logs/%HOSTNAME%/%PROGRAMNAME%.log"

authpriv.* ?TmplAuth
*.info;mail.none;authpriv.none;cron.none ?TmplMsg

Reload the rsyslog service:

# systemctl restart rsyslog

See also

The command reference for details about the API.

Remote Log Filtering Configuration

Logs sent to the remote servers can be configured using the log-filter command in the remote-server sub-context.

vrouter running remote-server 10.125.0.2# log-filter facility <NAME> level <LEVEL>

The first argument of the log-filter command is the facility on which the filter will be applied. Here is the list of available facilities:

facility name

purpose

any

messages coming from ALL facilities

kernel

messages coming from the kernel

mail

messages coming from mail system

user

user-level messages

auth

security/authorization messages

authpriv

security/authorization messages (private)

cron

messages coming from the cron daemon

daemon

messages coming from daemons

FTP

messages coming from the FTP daemon

syslog

messages generated internally by the logging daemon

uucp

messages coming from the Unix to Unix Copy Protocol

The second argument is the log level. This argument can be a single syslog severity, a list of severities, or a severity preceded by greater-or-equal. not can also be used to negate a severity. none discards all messages for the facility. By default all messages are selected.

This table introduces the list of syslog severities from the most serious to the least:

syslog severity

purpose

emergency

system is unusable

alert

action must be taken immediately

critical

critical conditions

error

error conditions

warning

warning conditions

notice

normal but significant condition

info

informational messages

debug

debug-level messages

Note

  • By default, if no filters are set, all log messages from all facilities are sent to the remote server. This implicit filter rule is replaced as soon as a rule is set.

  • Each service has its own logging policy with regards to syslog facilities and severities. Refer to the services’ documentation for details.

Here are some examples:

Send all messages greater or equal to error for all facilities:

vrouter running remote-server 10.125.0.2# log-filter facility any level greater-or-equal error

Send all messages from the kernel facility:

vrouter running remote-server 10.125.0.2# log-filter facility kernel level any

Restrict the auth facility to emergency level:

vrouter running remote-server 10.125.0.2# log-filter facility auth level emergency

Disable all messages coming from the mail facility:

vrouter running remote-server 10.125.0.2# log-filter facility mail level none

Transport Layer Security Configuration

The TLS configuration enables syslog messages encryption and servers authentication.

Entering the tls sub-context:

vrouter running config# / vrf main logging syslog tls
vrouter running tls#!

Client Configuration

Configure the server authentication mode:

vrouter running tls# server-authentication
   anonymous|(name NAME [NAME [...]])|(fingerprint FP [FP [...]])|certificate
anonymous

The servers are not authenticated.

name NAME

The servers are authenticated if their certificate’s common name match. Many names can be set.

fingerprint FP

The servers are authenticated if their certificate’s fingerprint match. Many fingerprints can be set.

certificate

Validate only the server’s certificate.

Note

Only one server authentication mode can be chosen at a time.

Add the certificate authority’s certificate:

vrouter running tls# ca-certificate CERT
CERT

The CA certificate between quotes.

The following options (certificate and private-key) are optional if the server doesn’t authenticate its clients.

Add the client’s certificate:

vrouter running tls# certificate CERT
CERT

The client’s certificate between quotes.

Add the client’s private key:

vrouter running tls# private-key KEY
KEY

The client’s certificate key between quotes.

Note

  • The certificate and the private key have to be generated from the CA.

  • A minimal configuration is to add the certificate-authority and set the server-authentication option to anonymous, which is not recommended as servers and clients are not authenticated.

Server Configuration

See the rsyslog web documentation for details about how to configure an rsyslog server with TLS encryption.

Configuration Example

vrouter> edit running
vrouter running config# vrf main
vrouter running vrf main# logging syslog
vrouter running syslog#! remote-server 10.125.0.2
vrouter running remote-server 10.125.0.2# protocol tcp
vrouter running remote-server 10.125.0.2# port 514
vrouter running remote-server 10.125.0.2# log-filter facility any level greater-or-equal error
vrouter running remote-server 10.125.0.2# log-filter facility kernel level any
vrouter running remote-server 10.125.0.2# log-filter facility auth level emergency
vrouter running remote-server 10.125.0.2# log-filter facility mail level none
vrouter running remote-server 10.125.0.2# ..
vrouter running syslog# tls
vrouter running tls#! ca-certificate "-----BEGIN CERTIFICATE-----
... MIID3zCCAkegAwIBAgIIXH6dxQIfVrcwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
... AxMCQ0EwHhcNMTkwMzA1MTYwMzE4WhcNMjExMTI4MTYwMzIyWjANMQswCQYDVQQD
... EwJDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJmOTcw0mfZHwZQG
... K0QM8d0d38x5ABO45sxgiwx5SRwg0jC32Zpqc+b+JyNMH14IUHMYIoxifLEDMtKv
... 0Lg77ARH37cyuqdIDsMkVXI//mgbHx6Qg8Wry0SkgJPby9jRwutz2G49ZtipmrRu
... zXvRjEHrBbfyqvjZmGc2A0Nc1Bp98lViTMWa3BKG9Ym2OTr/PtJpxvYnb85H89fs
... bFjVzQbyyIDFoTmnoaykBzMRGtxzjW/BUL3IzTvHTjFdHzJh7i8OKKyLyepc573p
... b1uTWJJ8Sg8nS46tAU18G+7Y4pYMYh3gGEN9VuiPFV/vzWA7h5dELGOQe3tzSDSS
... 6XnILvQW1yN2R9LQ9ZO8Xl8pEiJ/pwGfcBvIWPHPJDH8TnH3ZcvVwQNt98YwbmUx
... HGYR+2cfP+S6sTvw2ccvz4uENfKVstYTeVRrRHdTpHK7dzUWEU9UAWPpXOufLV69
... Zr6M3fBrBmDUrVaL864kPoDiCMNhtGDhU+Q3nQSvFH8HBTm3zwIDAQABo0MwQTAP
... BgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFF6FET3m
... 9NiPfbYqwF60m3yGTwXXMA0GCSqGSIb3DQEBCwUAA4IBgQAHWozkh382EAI7i0wW
... CG94WJbxTTNnwA2e6FWqOhSItr4RnfzeHm/DbmfNYlRKYAqGIsjzGLmWz+NozqOg
... Q6qK+RvGjr70zAXuygtRRzi32xuWbAijyx03VRv/FH91F8gf3plR3cNiAhVAW+ef
... xHiGzTrZh8E1HrrIJRj+uoQx66zxkIMZ8nEckxoqs0jFxKY4/7sQ9mQAonlSQg9b
... Y+gJUecbT5Ff2SSyiUCM6XN0FuU/rXglrblscPdFUZeyX24TxWI36qtqYqmJff+d
... aniGfJlJ49Sg3iIoia3zXq7LTl4ZEfSgRhb6V6eDzwX1vhx00O5pGQRwAzwOwBaT
... k+IevZtdlKrEhycvrEoxSH70lPfgHBVJ5QrP8OKkBR5WVaOfcQL/n+703ARepPH9
... NjOAv+HazTPzVDIZwQg+fjftVZtR4CRlaeHGXZy8Tj3SkgiX5SOkTrb0nSHSwoTA
... taiY8eM9lD3siHbuGl/JT3wC8FXvq/cMhougM8NgzgEQ0Zc=
... -----END CERTIFICATE-----"
vrouter running tls#! certificate "-----BEGIN CERTIFICATE-----
... MIIDoTCCAgmgAwIBAgIIXH6fERmi2VkwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
... AxMCQ0EwHhcNMTkwMzA1MTYwODUxWhcNMjExMTI4MTYwODUzWjARMQ8wDQYDVQQD
... EwZjbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC465HIizN9
... 3qzopW7tD57FjkccmmySPVHWm3dK1dZytSl1ChCPf9rGAXcqagnXFGsjIoKULCWV
... 6eUMa6VQTw4XXIR1dn+x3pfGEp9of/6DR1dzK4UCpXrx4UIKQtDQ1R6UQ8QV1BaI
... ZNvR5XllHD/sS8LUcw8xGilKi+M0x6aPSJAtxoXgX2gn0w3Qn/SzxbCztNizPZO4
... Bk+YEVs6/vK2uyy87tISIkud2HhbxUkckySLawDZxbHr0xTgwcf4jz05GDXMokGx
... dRGVRNeRHfnDS9PZQoyvFeHKmsIrf8VqcMf6qtPGpjBnCm6WDq/rjosD1ZahQ1a7
... MXsoOxg314MJAgMBAAGjgYAwfjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
... AQUFBwMCBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRrHgQ2
... 0vRIncZcD9MKUa6CfUSghjAfBgNVHSMEGDAWgBRehRE95vTYj322KsBetJt8hk8F
... 1zANBgkqhkiG9w0BAQsFAAOCAYEABiDq/MS/YdXiNDE4lcE5A1qy3+S9WjPsx0ql
... zQjr0cN/v/KvEg9Sl8dddtg1HTtdl/Wx57JjrmWymecM5E/HSU/3sxWNHSgjpJsn
... gG4621jwrDWFvuzJHh1jJQyvNa6q++KmI1/UbD9vL+g07Ity2zsRY4vxw6nmDfr5
... Vw6Ml8zh8wD605lJm1AdR20518QfDNhm1mRdAuBacBO00J9/fC0zouOxgSy1W/ha
... 2PUJNf4nxNkQBngfMHKzf/fTmzticQ54Js/LoTkOCEBbhqpajJ//eE6Bx5CIauJN
... dUO6vfryih4wZ5rqsVk57i6lU1jBikvNnrai68MRzst4NUJBi0GVACfQv9efnyEM
... LO3XAMMJUgZNvsrQbVZT1vJnfFehlrxgdXP8c9jiXSFnjZ7SjptxxQzOodaE+2jN
... 7KCJsizW4miGQQyyeBoiQlIF9kjLT5kF41acACTzuPlDxOLo0OG3CB4APDvc8xWo
... J+z2SxQrkTVB5AHT7DyC+Zfjmnu6
... -----END CERTIFICATE-----"
vrouter running tls#! private-key "-----BEGIN RSA PRIVATE KEY-----
... MIIEpAIBAAKCAQEAuOuRyIszfd6s6KVu7Q+exY5HHJpskj1R1pt3StXWcrUpdQoQ
... j3/axgF3KmoJ1xRrIyKClCwllenlDGulUE8OF1yEdXZ/sd6XxhKfaH/+g0dXcyuF
... AqV68eFCCkLQ0NUelEPEFdQWiGTb0eV5ZRw/7EvC1HMPMRopSovjNMemj0iQLcaF
... 4F9oJ9MN0J/0s8Wws7TYsz2TuAZPmBFbOv7ytrssvO7SEiJLndh4W8VJHJMki2sA
... 2cWx69MU4MHH+I89ORg1zKJBsXURlUTXkR35w0vT2UKMrxXhyprCK3/FanDH+qrT
... xqYwZwpulg6v646LA9WWoUNWuzF7KDsYN9eDCQIDAQABAoIBAHWjhw6pX4yHiEBI
... XhT5huvu41ZS9xbhY5q/NFirSM2YalNGn9pqX+bvL7wP0Uq+dpnXbnKM0yxXq5sH
... MBey8yfxd2Kyi/G/xZYAauCz7FnfnMZrvSY918TgpH6amvT/X4C6y5eHYP5MC3uw
... HFYybogIel1lBRkbp4EBFP2StWcYkQd2k7kEAhbk68IKzFLgDf9o6RL8/uSFHVds
... K6946+LRfu0KmMP6QmfI2pGdKwKPiTylVI68SVwQBINLuNOtLPx5zgm1E9wGBghq
... FgBOwHt0vjFOOeql+sjc7MLKv6iR56zDZupnv4rPnz5U9vCv83ApY4BcCmkFPlwd
... A7oPMcECgYEA6OTdIn8A9dG58/jppEdhXOFQSOZjyK4tYMZVdLhg2TU9+0StbePe
... Qf0p8pc/7RtiOwyNu2fpJz3Q5vgfAlUPxSXkxukNfb9uCmAJNmKfYWMtRff/maFU
... E+Vei3MhG7NeR1SfcUEi0zUwW0hhpoIEdrRtWnD5fpWkzdkPh2bT8c0CgYEAy0Q/
... W2A9o3cW8qZHlA3nNT8hoT06v6hKcVVfPKwyG8ql4VYCCYjaXHvxY0sXtweV+2yM
... 8v4sdn0GeVcJUFBri8NJYBTnuRtzTiZfbMDsR7QPwiIf7hyRaQF1KTBUO+givGOp
... XRUa97FUNHkyZUKwyWw8neG+tqOMx28ULz20Ci0CgYEA2bdqCp+T9DmVjr/5Gzwn
... hr6TYTMPwUEi5r9CkBT1ZNjjEoyHXJ2S3zmeB0zh0/Svhegcbz+atLaTHfiCdJm0
... XmcoUdL4a7+TTVuuAQt9V3txjWFjrukkQl1AXzjHkK/DyQcQ7r0noy6sAAnQT+pn
... 5diSCeRnOLEIGe97FudH51kCgYBBhGn3hfnYKpaW98myixivLP4l/pplFFWKWj4s
... TESKeLMnApX9hML9dGXF33pxYFyTgdWcrRifyITBr7As1v8TOYr5EUPvgk2ULwIr
... B7QhGITLyjwIf+TOt82PzSgZdyVbG7SHcDoVBG9jynzX7rsU8XJIYW8bZ3QFBGS5
... JWZWsQKBgQDDan2dN5URjua5zfJBBt4q92bMbkHlZIzQYpRsPv4vOXzVn6Y13Sy8
... uFmYrar4AOHQhpabIvH6MNpgJHK04g1ZALQrq3JIO+wpq6Mf4wyOXTANvLZCHjm/
... LhhDVcUs1nlM6zofsghgiYAcXQmZdDOrsv7POOg54eOY0/8d2yRCJQ==
... -----END RSA PRIVATE KEY-----"
vrouter running tls#! server-authentication name server.example.org server-backup.example.org
vrouter running tls#

The same configuration can be made using this NETCONF XML configuration:

vrouter> show config xml absolute vrf main logging syslog
<config xmlns="urn:6wind:vrouter">
  <vrf>
    <name>main</name>
    <logging xmlns="urn:6wind:vrouter/logging">
      <syslog>
        <enabled>true</enabled>
        <remote-server>
          <host>10.125.0.2</host>
          <protocol>tcp</protocol>
          <port>514</port>
          <log-filter>
            <facility>any</facility>
            <level>
              <greater-or-equal>error</greater-or-equal>
            </level>
          </log-filter>
          <log-filter>
            <facility>kernel</facility>
            <level>
              <equal>any</equal>
            </level>
          </log-filter>
          <log-filter>
            <facility>auth</facility>
            <level>
              <equal>emergency</equal>
            </level>
          </log-filter>
          <log-filter>
            <facility>mail</facility>
            <level>
              <equal>none</equal>
            </level>
          </log-filter>
        </remote-server>
        <tls>
          <enabled>true</enabled>
          <server-authentication>
            <name>
              <name>server.example.org</name>
              <name>server-backup.example.org</name>
            </name>
          </server-authentication>
          <ca-certificate>-----BEGIN CERTIFICATE-----
MIID3zCCAkegAwIBAgIIXH6dxQIfVrcwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
AxMCQ0EwHhcNMTkwMzA1MTYwMzE4WhcNMjExMTI4MTYwMzIyWjANMQswCQYDVQQD
EwJDQTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJmOTcw0mfZHwZQG
K0QM8d0d38x5ABO45sxgiwx5SRwg0jC32Zpqc+b+JyNMH14IUHMYIoxifLEDMtKv
0Lg77ARH37cyuqdIDsMkVXI//mgbHx6Qg8Wry0SkgJPby9jRwutz2G49ZtipmrRu
zXvRjEHrBbfyqvjZmGc2A0Nc1Bp98lViTMWa3BKG9Ym2OTr/PtJpxvYnb85H89fs
bFjVzQbyyIDFoTmnoaykBzMRGtxzjW/BUL3IzTvHTjFdHzJh7i8OKKyLyepc573p
b1uTWJJ8Sg8nS46tAU18G+7Y4pYMYh3gGEN9VuiPFV/vzWA7h5dELGOQe3tzSDSS
6XnILvQW1yN2R9LQ9ZO8Xl8pEiJ/pwGfcBvIWPHPJDH8TnH3ZcvVwQNt98YwbmUx
HGYR+2cfP+S6sTvw2ccvz4uENfKVstYTeVRrRHdTpHK7dzUWEU9UAWPpXOufLV69
Zr6M3fBrBmDUrVaL864kPoDiCMNhtGDhU+Q3nQSvFH8HBTm3zwIDAQABo0MwQTAP
BgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/wQFAwMHBAAwHQYDVR0OBBYEFF6FET3m
9NiPfbYqwF60m3yGTwXXMA0GCSqGSIb3DQEBCwUAA4IBgQAHWozkh382EAI7i0wW
CG94WJbxTTNnwA2e6FWqOhSItr4RnfzeHm/DbmfNYlRKYAqGIsjzGLmWz+NozqOg
Q6qK+RvGjr70zAXuygtRRzi32xuWbAijyx03VRv/FH91F8gf3plR3cNiAhVAW+ef
xHiGzTrZh8E1HrrIJRj+uoQx66zxkIMZ8nEckxoqs0jFxKY4/7sQ9mQAonlSQg9b
Y+gJUecbT5Ff2SSyiUCM6XN0FuU/rXglrblscPdFUZeyX24TxWI36qtqYqmJff+d
aniGfJlJ49Sg3iIoia3zXq7LTl4ZEfSgRhb6V6eDzwX1vhx00O5pGQRwAzwOwBaT
k+IevZtdlKrEhycvrEoxSH70lPfgHBVJ5QrP8OKkBR5WVaOfcQL/n+703ARepPH9
NjOAv+HazTPzVDIZwQg+fjftVZtR4CRlaeHGXZy8Tj3SkgiX5SOkTrb0nSHSwoTA
taiY8eM9lD3siHbuGl/JT3wC8FXvq/cMhougM8NgzgEQ0Zc=
-----END CERTIFICATE-----</ca-certificate>
          <certificate>-----BEGIN CERTIFICATE-----
MIIDoTCCAgmgAwIBAgIIXH6fERmi2VkwDQYJKoZIhvcNAQELBQAwDTELMAkGA1UE
AxMCQ0EwHhcNMTkwMzA1MTYwODUxWhcNMjExMTI4MTYwODUzWjARMQ8wDQYDVQQD
EwZjbGllbnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC465HIizN9
3qzopW7tD57FjkccmmySPVHWm3dK1dZytSl1ChCPf9rGAXcqagnXFGsjIoKULCWV
6eUMa6VQTw4XXIR1dn+x3pfGEp9of/6DR1dzK4UCpXrx4UIKQtDQ1R6UQ8QV1BaI
ZNvR5XllHD/sS8LUcw8xGilKi+M0x6aPSJAtxoXgX2gn0w3Qn/SzxbCztNizPZO4
Bk+YEVs6/vK2uyy87tISIkud2HhbxUkckySLawDZxbHr0xTgwcf4jz05GDXMokGx
dRGVRNeRHfnDS9PZQoyvFeHKmsIrf8VqcMf6qtPGpjBnCm6WDq/rjosD1ZahQ1a7
MXsoOxg314MJAgMBAAGjgYAwfjAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
AQUFBwMCBggrBgEFBQcDATAPBgNVHQ8BAf8EBQMDB6AAMB0GA1UdDgQWBBRrHgQ2
0vRIncZcD9MKUa6CfUSghjAfBgNVHSMEGDAWgBRehRE95vTYj322KsBetJt8hk8F
1zANBgkqhkiG9w0BAQsFAAOCAYEABiDq/MS/YdXiNDE4lcE5A1qy3+S9WjPsx0ql
zQjr0cN/v/KvEg9Sl8dddtg1HTtdl/Wx57JjrmWymecM5E/HSU/3sxWNHSgjpJsn
gG4621jwrDWFvuzJHh1jJQyvNa6q++KmI1/UbD9vL+g07Ity2zsRY4vxw6nmDfr5
Vw6Ml8zh8wD605lJm1AdR20518QfDNhm1mRdAuBacBO00J9/fC0zouOxgSy1W/ha
2PUJNf4nxNkQBngfMHKzf/fTmzticQ54Js/LoTkOCEBbhqpajJ//eE6Bx5CIauJN
dUO6vfryih4wZ5rqsVk57i6lU1jBikvNnrai68MRzst4NUJBi0GVACfQv9efnyEM
LO3XAMMJUgZNvsrQbVZT1vJnfFehlrxgdXP8c9jiXSFnjZ7SjptxxQzOodaE+2jN
7KCJsizW4miGQQyyeBoiQlIF9kjLT5kF41acACTzuPlDxOLo0OG3CB4APDvc8xWo
J+z2SxQrkTVB5AHT7DyC+Zfjmnu6
-----END CERTIFICATE-----</certificate>
          <private-key>-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAuOuRyIszfd6s6KVu7Q+exY5HHJpskj1R1pt3StXWcrUpdQoQ
j3/axgF3KmoJ1xRrIyKClCwllenlDGulUE8OF1yEdXZ/sd6XxhKfaH/+g0dXcyuF
AqV68eFCCkLQ0NUelEPEFdQWiGTb0eV5ZRw/7EvC1HMPMRopSovjNMemj0iQLcaF
4F9oJ9MN0J/0s8Wws7TYsz2TuAZPmBFbOv7ytrssvO7SEiJLndh4W8VJHJMki2sA
2cWx69MU4MHH+I89ORg1zKJBsXURlUTXkR35w0vT2UKMrxXhyprCK3/FanDH+qrT
xqYwZwpulg6v646LA9WWoUNWuzF7KDsYN9eDCQIDAQABAoIBAHWjhw6pX4yHiEBI
XhT5huvu41ZS9xbhY5q/NFirSM2YalNGn9pqX+bvL7wP0Uq+dpnXbnKM0yxXq5sH
MBey8yfxd2Kyi/G/xZYAauCz7FnfnMZrvSY918TgpH6amvT/X4C6y5eHYP5MC3uw
HFYybogIel1lBRkbp4EBFP2StWcYkQd2k7kEAhbk68IKzFLgDf9o6RL8/uSFHVds
K6946+LRfu0KmMP6QmfI2pGdKwKPiTylVI68SVwQBINLuNOtLPx5zgm1E9wGBghq
FgBOwHt0vjFOOeql+sjc7MLKv6iR56zDZupnv4rPnz5U9vCv83ApY4BcCmkFPlwd
A7oPMcECgYEA6OTdIn8A9dG58/jppEdhXOFQSOZjyK4tYMZVdLhg2TU9+0StbePe
Qf0p8pc/7RtiOwyNu2fpJz3Q5vgfAlUPxSXkxukNfb9uCmAJNmKfYWMtRff/maFU
E+Vei3MhG7NeR1SfcUEi0zUwW0hhpoIEdrRtWnD5fpWkzdkPh2bT8c0CgYEAy0Q/
W2A9o3cW8qZHlA3nNT8hoT06v6hKcVVfPKwyG8ql4VYCCYjaXHvxY0sXtweV+2yM
8v4sdn0GeVcJUFBri8NJYBTnuRtzTiZfbMDsR7QPwiIf7hyRaQF1KTBUO+givGOp
XRUa97FUNHkyZUKwyWw8neG+tqOMx28ULz20Ci0CgYEA2bdqCp+T9DmVjr/5Gzwn
hr6TYTMPwUEi5r9CkBT1ZNjjEoyHXJ2S3zmeB0zh0/Svhegcbz+atLaTHfiCdJm0
XmcoUdL4a7+TTVuuAQt9V3txjWFjrukkQl1AXzjHkK/DyQcQ7r0noy6sAAnQT+pn
5diSCeRnOLEIGe97FudH51kCgYBBhGn3hfnYKpaW98myixivLP4l/pplFFWKWj4s
TESKeLMnApX9hML9dGXF33pxYFyTgdWcrRifyITBr7As1v8TOYr5EUPvgk2ULwIr
B7QhGITLyjwIf+TOt82PzSgZdyVbG7SHcDoVBG9jynzX7rsU8XJIYW8bZ3QFBGS5
JWZWsQKBgQDDan2dN5URjua5zfJBBt4q92bMbkHlZIzQYpRsPv4vOXzVn6Y13Sy8
uFmYrar4AOHQhpabIvH6MNpgJHK04g1ZALQrq3JIO+wpq6Mf4wyOXTANvLZCHjm/
LhhDVcUs1nlM6zofsghgiYAcXQmZdDOrsv7POOg54eOY0/8d2yRCJQ==
-----END RSA PRIVATE KEY-----</private-key>
        </tls>
      </syslog>
    </logging>
  </vrf>
</config>