Chat now with support
Chat with Support

We are currently preforming website maintenance, any feature requiring sign-in is temporarily unavailable, if you have an issue requiring immediate assistance please call Technical Support.

syslog-ng Store Box 6.3.0 - Administration Guide

Preface Introduction The concepts of SSB The Welcome Wizard and the first login Basic settings User management and access control Managing SSB Configuring message sources Storing messages on SSB Forwarding messages from SSB Log paths: routing and processing messages Configuring syslog-ng options Searching log messages Searching the internal messages of SSB Classifying messages with pattern databases The SSB RPC API Monitoring SSB Troubleshooting SSB Security checklist for configuring SSB

Authenticating users to a RADIUS server

The syslog-ng Store Box (SSB) application can authenticate its users to an external RADIUS server. Group memberships of the users must be managed either locally on SSB or in an LDAP database.

Caution:

The challenge/response authentication methods is currently not supported. Other authentication methods (for example, password, SecureID) should work.

To authenticate SSB users to a RADIUS server

  1. Navigate to AAA > Settings.

    Figure 57: AAA > Settings — Configuring RADIUS authentication

  2. Set the Authentication method field to RADIUS.

  3. Enter the IP address or domain name of the RADIUS server into the Address field.

  4. Enter the password that SSB can use to access the server into the Shared secret field.

    NOTE:

    The syslog-ng Store Box (SSB) application accepts passwords that are not longer than 150 characters. The following special characters can be used: !"#$%&'()*+,-./:;<=>?@[]^-`{|}

  5. To add more RADIUS servers, click and repeat Steps 2-4.

    Repeat this step to add multiple servers. If a server is unreachable, SSB will try to connect to the next server in the list in failover fashion.

  6. When configuring RADIUS authentication with a local user database, complete the following steps.

    1. Set Password expiration to 0.

    2. Set Number of passwords to remember to 0.

    3. Set Minimal password strength to disabled.

    4. Set Cracklib check on password to disabled.

  7. Caution:

    After clicking Commit, the SSB web interface will be available only after successfully authenticating to the RADIUS server. Note that the default admin account of SSB will be able to login normally, even if the RADIUS server is inaccessible.

    Click Commit.

Managing user rights and usergroups

In syslog-ng Store Box (SSB), user rights can be assigned to usergroups. SSB has numerous usergroups defined by default, but custom user groups can be defined as well. Every group has a set of privileges: which pages of the SSB web interface it can access, and whether it can only view (read) or also modify (read & write/perform) those pages or perform certain actions.

Figure 58: AAA > Access Control — Managing SSB users

NOTE:

Every group has either read or read & write/perform privileges to a set of pages.

The admin user is available by default and has all privileges, except that it cannot remotely access the shared logspaces. It is not possible to delete this user.

Assigning privileges to usergroups for the SSB web interface

This section describes how to assign privileges to a new group.

To assign privileges to a new group

  1. Navigate to AAA > Access Control and click .

  2. Find your usergroup. If you start typing the name of the group you are looking for, the autocomplete function will make finding your group easier for you.

  3. Click located next to the name of the group. The list of available privileges is displayed.

  4. Select the privileges (pages of the syslog-ng Store Box (SSB) interface) to which the group will have access and click Save.

    NOTE:

    To export the configuration of SSB, the Export configuration privilege is required.

    To import a configuration to SSB, the Import configuration privilege is required.

    To update the firmware and set the active firmware, the Basic settings > System privilege is required.

  5. Select the type of access (read or read & write) from the Type field.

  6. Click Commit.

Modifying group privileges

This section describes how to modify the privileges of an existing group.

To modify the privileges of an existing group

  1. Navigate to AAA > Access Control.

  2. Find the group you want to modify and click . The list of available privileges is displayed.

  3. Select the privileges (pages of the syslog-ng Store Box (SSB) interface) to which the group will have access and click Save.

    Figure 59: AAA > Access Control — Modifying group privileges

    Caution:

    Assigning the Search privilege to a user on the AAA page grants the user search access to every logspace, even if the user is not a member of the groups listed in the Access Control option of the particular logspace.

  4. Select the type of access (read or read & write) from the Type field.

  5. Click Commit.

Related Documents