Configure TLS Strong Encryption

You can configure TLS strong encryption for Log Correlation Engine-client communications to meet the security needs of your organization. Log Correlation Engine uses TLS 1.2 to encrypt Log Correlation Engine-client communications.

To configure TLS strong encryption for Log Correlation Engine communications:

  1. Log in to Log Correlation Engine via the command line interface (CLI).

  2. In the CLI in Log Correlation Engine, run the following command to specify the cipher you want to use for TLS encryption:

    source /opt/lce/tools/exigent-sessions.bashrc

    undoc-config --set lced cryptSyslog_ciphersuiteSelector <cipher you want to use for TLS encryption>

    For example:

    source /opt/lce/tools/exigent-sessions.bashrc

    undoc-config --set lced cryptSyslog_ciphersuiteSelector ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384

  3. Run the following command to restart all Log Correlation Engine daemons:

    restart-all bar-pg

    All Log Correlation Engine daemons restart.