Make sure you know the server address, protocol, and port number. The server address can be a fully qualified domain name, an IPv4 address, or an IPv6 address.

If your server uses a secure protocol (for example, TLS), a Certificate Authority (CA) certificate must be available on your local system. CA certificates identify website owners for secure connections between servers and clients.

After configuration, all new audit logs are sent to the syslog server. Previous logs are not transferred.

The Overwrite Policy settings (available from View/Edit Settings) do not affect how logs are managed with a syslog server configuration.

Audit logs follow the RFC 5424 messaging format.