首页帮助文档软件下载故障处理按场景找工具工具全景图兼容性查询在线实验平台服务信息查询产品安全中心订单验收材料下载

云安全访问服务SASE

深信服云安全访问服务(Sangfor Access)是国内首批基于SASE模型的云安全服务平台,将深信服已有的安全能力(上网行为管理、终端安全检测与响应、上网安全防护、内网安全接入服务等)聚合并云化,通过轻量级客户端软件,将网络流量引流上云进行管理和安全检测,满足企业总部、分公司、移动办公多场景下的办公安全需求。
点击可切换产品版本
知道了
不再提醒
新平台
云安全访问服务SASE 文档 产品手册 平台管理 系统配置 日志服务 Syslog转发
{{sendMatomoQuery("云安全访问服务SASE","Syslog转发")}}

Syslog转发

更新时间:2025-04-27

功能介绍

通过配置 Syslog 转发,将云端数据中心(SASE-SWG、SASE-XDLP、SASE-ZTNA等)的日志转发到本地 Syslog 接收器/服务。

 

前置条件

1、平台需要产生相关的日志(认证日志、零信任访问日志、互联网安全访问日志、文件调查日志、管理员操作日志等)。

2、本地已部署好Syslog服务器。

 

配置步骤 

1、登录云图,点击云安全访问服务SASE,进入【系统配置】-【日志服务】-【Syslog转发】。

2、按照下列字段的描述,进行Syslog 对接的配置,对接成功后可以将云端数据中心的日志转发到本地 Syslog 接收器/服务。

字段 描述
Syslog服务器 填写与Syslog服务器上安装的证书的主题备用名称(SAN)一致
端口 对端Syslog服务器接收日志的端口,一般为10514端口
服务器证书校验

按需选择适用公共CA或私有CA。

1、使用公有CA可查 <受信任的证书颁发机构清单>

2、使用私有CA,仅支持上传 PEM 格式,支持 TLS 1.2 以上。
日志格式

CEF/CSV/LEEF格式任选
分隔符

指定您想要分隔日志消息中的字段的分隔符。

1、空格:<space>

2、逗号:“,”

3、Tab:<tab>
日志类型 选择需要同步的日志选项,有认证日志、零信任访问日志、互联网安全访问日志、文件调查日志、管理员操作等日志
状态通知 设置接收通知的管理员。在云端无法连接到Syslog服务器时,管理员将接收到邮件告警。【管理员配置参考】

 

相关材料

syslog日志外发数据字段含义解释.xlsx ( 0.07M ,下载次数:0)

 

受信任的证书颁发机构清单

受信任的证书办法机构清单
  • CN = ACCVRAIZ1, O = ACCV, OU = PKIACCV, C = ES
  • O = FNMT-RCM, OU = AC RAIZ FNMT-RCM, C = ES,
  • CN = Actalis Authentication Root CA, O = Actalis S.p.A./03358520967, L = Milan, C = IT
  • CN = AffirmTrust Commercial, O = AffirmTrust, C = US
  • CN = AffirmTrust Networking, O = AffirmTrust, C = US
  • CN = AffirmTrust Premium, O = AffirmTrust, C = US
  • CN = AffirmTrust Premium ECC, O = AffirmTrust, C = US
  • CN = Amazon Root CA 1, O = Amazon, C = US
  • CN = Amazon Root CA 2, O = Amazon, C = US
  • CN = Amazon Root CA 3, O = Amazon, C = US
  • CN = Amazon Root CA 4, O = Amazon, C = US
  • CN = Atos TrustedRoot 2011, O = Atos, C = DE
  • CN = Autoridad de Certificacion Firmaprofesional CIF A62634068, C = ES
  • CN = Baltimore CyberTrust Root, O = Baltimore, OU = CyberTrust,C = IE
  • CN = Buypass Class 2 Root CA, O = Buypass AS-983163327, C = NO
  • CN = Buypass Class 3 Root CA, O = Buypass AS-983163327, C = NO
  • CN = CA Disig Root R2, O = Disig a.s., L = Bratislava, C = SK
  • CN = CFCA EV ROOT, O = China Financial Certification Authority, C = CN
  • CN = COMODO Certification Authority, O = COMODO CA Limited, L = Salford, ST = Greater Manchester, C = GB
  • CN = COMODO ECC Certification Authority, O = COMODO CA Limited,  L = Salford, ST = Greater Manchester, C = GB
  • CN = COMODO RSA Certification Authority, O = COMODO CA Limited,  L = Salford, ST = Greater Manchester, C = GB
  • CN = Certigna, O = Dhimyotis, C = FR
  • CN = Certigna Root CA, O = Dhimyotis, OU = 0002 48146308100036, C = FR
  • CN = Certum Trusted Network CA, O = Unizeto Technologies S.A., OU = Certum Certification Authority, C = PL
  • CN = Certum Trusted Network CA 2, O = Unizeto Technologies S.A., OU = Certum Certification Authority, C = PL
  • CN = Chambers of Commerce Root - 2008, O = AC Camerfirma S.A., L = Madrid (see current address at www.camerfirma.com/address), serialNumber = A82743287, C = EU
  • CN = AAA Certificate Services, O = Comodo CA Limited, L = Salford, ST = Greater Manchester, C = GB
  • CN = Cybertrust Global Root, O = "Cybertrust, Inc"
  • CN = D-TRUST Root Class 3 CA 2 2009, O = D-Trust GmbH, C = DE
  • CN = D-TRUST Root Class 3 CA 2 EV 2009, O = D-Trust GmbH, C = DE
  • CN = DST Root CA X3, O = Digital Signature Trust Co.
  • CN = DigiCert Assured ID Root CA, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert Assured ID Root G2, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert Assured ID Root G3, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert Global Root CA, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert Global Root G2, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert Global Root G3, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert High Assurance EV Root CA, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = DigiCert Trusted Root G4, O = DigiCert Inc, OU = www.digicert.com, C = US
  • CN = E-Tugra Certification Authority, O = E-Tu\C4\9Fra EBG Bili\C5\9Fim Teknolojileri ve Hizmetleri A.\C5\9E., OU = E-Tugra Sertifikasyon Merkezi, L = Ankara, C = TR
  • CN = EC-ACC, O = Agencia Catalana de Certificacio (NIF Q-0801176-I), OU = Serveis Publics de Certificacio, OU = Vegeu https://www.catcert.net/verarrel (c)03, OU = Jerarquia Entitats de Certificacio Catalanes, C = ES
  • CN = EE Certification Centre Root CA, O = AS Sertifitseerimiskeskus, , emailAddress = pki@sk.ee, C = EE
  • CN = Entrust.net Certification Authority (2048), O = Entrust.net, OU = www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU = (c) 1999 Entrust.net Limited,
  • CN = Entrust Root Certification Authority, O = "Entrust, Inc.", OU = www.entrust.net/CPS is incorporated by reference, OU = "(c) 2006 Entrust, Inc.", C = US
  • CN = Entrust Root Certification Authority - EC1, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", C = US
  • CN = Entrust Root Certification Authority - G2, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", C = US
  • CN = Entrust Root Certification Authority - G4, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2015 Entrust, Inc. - for authorized use only", C = US
  • CN = GDCA TrustAUTH R5 ROOT, O = "GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.", C = CN
  • CN = GTS Root R1, O = Google Trust Services LLC, C = US
  • CN = GTS Root R2, O = Google Trust Services LLC, C = US
  • CN = GTS Root R3, O = Google Trust Services LLC, C = US
  • CN = GTS Root R4, O = Google Trust Services LLC, C = US
  • CN = GeoTrust Global CA, O = GeoTrust Inc., C = US
  • CN = GeoTrust Primary Certification Authority, O = GeoTrust Inc., C = US
  • CN = GeoTrust Primary Certification Authority - G2, O = GeoTrust Inc., OU = (c) 2007 GeoTrust Inc. - For authorized use only, C = US
  • CN = GeoTrust Primary Certification Authority - G3, O = GeoTrust Inc., OU = (c) 2008 GeoTrust Inc. - For authorized use only, C = US
  • CN = GeoTrust Universal CA, O = GeoTrust Inc., C = US
  • CN = GeoTrust Universal CA 2, O = GeoTrust Inc., C = US
  • CN = GlobalSign, O = GlobalSign, OU = GlobalSign ECC Root CA - R4
  • CN = GlobalSign, O = GlobalSign, OU = GlobalSign ECC Root CA - R5
  • CN = GlobalSign Root CA, O = GlobalSign nv-sa, OU = Root CA, C = BE
  • CN = GlobalSign, O = GlobalSign, OU = GlobalSign Root CA - R2
  • CN = GlobalSign, O = GlobalSign, OU = GlobalSign Root CA - R3
  • CN = GlobalSign, O = GlobalSign, OU = GlobalSign Root CA - R6
  • CN = Global Chambersign Root - 2008, O = AC Camerfirma S.A.,L = Madrid (see current address at www.camerfirma.com/address), serialNumber = A82743287, C = EU
  • O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority, C = US
  • CN = Go Daddy Root Certificate Authority - G2, O = "GoDaddy.com, Inc.", L = Scottsdale, ST = Arizona, C = US
  • CN = Hellenic Academic and Research Institutions ECC RootCA 2015, O = Hellenic Academic and Research Institutions Cert. Authority, L = Athens, C = GR
  • CN = Hellenic Academic and Research Institutions RootCA 2011, O = Hellenic Academic and Research Institutions Cert. Authority, C = GR
  • CN = Hellenic Academic and Research Institutions RootCA 2015, O = Hellenic Academic and Research Institutions Cert. Authority, L = Athens, C = GR
  • CN = Hongkong Post Root CA 1, O = Hongkong Post, C = HK
  • CN = Hongkong Post Root CA 3,  O = Hongkong Post, L = Hong Kong, ST = Hong Kong, C = HK
  • CN = ISRG Root X1, O = Internet Security Research Group, C = US
  • CN = IdenTrust Commercial Root CA 1, O = IdenTrust, C = US
  • CN = IdenTrust Public Sector Root CA 1, O = IdenTrust, C = US
  • CN = Izenpe.com, O = IZENPE S.A., C = ES
  • CN = LuxTrust Global Root 2, O = LuxTrust S.A., C = LU
  • CN = Microsec e-Szigno Root CA 2009, emailAddress = info@e-szigno.hu, L = Budapest, O = Microsec Ltd., C = HU
  • CN = NetLock Arany (Class Gold) F\C5\91tan\C3\BAs\C3\ADtv\C3\A1ny, O = NetLock Kft., OU = Tan\C3\BAs\C3\ADtv\C3\A1nykiad\C3\B3k (Certification Services), L = Budapest, C = HU
  • CN = Network Solutions Certificate Authority, O = Network Solutions L.L.C., C = US
  • CN = OISTE WISeKey Global Root GA CA, O = WISeKey, OU = Copyright (c) 2005, OU = OISTE Foundation Endorsed, C = CH
  • CN = OISTE WISeKey Global Root GB CA, O = WISeKey, OU = OISTE Foundation Endorsed, C = CH
  • CN = OISTE WISeKey Global Root GC CA, O = WISeKey, OU = OISTE Foundation Endorsed, C = CH
  • CN = QuoVadis Root Certification Authority, O = QuoVadis Limited, OU = Root Certification Authority, C = BM
  • CN = QuoVadis Root CA 1 G3, O = QuoVadis Limited, C = BM
  • CN = QuoVadis Root CA 2, O = QuoVadis Limited, C = BM
  • CN = QuoVadis Root CA 2 G3, O = QuoVadis Limited, C = BM
  • CN = QuoVadis Root CA 3, O = QuoVadis Limited, C = BM
  • CN = QuoVadis Root CA 3 G3, O = QuoVadis Limited, C = BM
  • CN = SSL.com EV Root Certification Authority ECC, O = SSL Corporation, L = Housto, ST = Texasn, C = US
  • CN = SSL.com EV Root Certification Authority RSA R2, O = SSL Corporation, L = Houston, ST = Texas, C = US
  • CN = SSL.com Root Certification Authority ECC, O = SSL Corporation, L = Houston, ST = Texas, C = US
  • CN = SSL.com Root Certification Authority RSA, O = SSL Corporation, L = Houston, ST = Texas, C = US
  • CN = SZAFIR ROOT CA2, O = Krajowa Izba Rozliczeniowa S.A., C = PL
  • CN = SecureSign RootCA11, O = "Japan Certification Services, Inc.", C = JP
  • CN = SecureTrust CA, O = SecureTrust Corporation, C = US
  • CN = Secure Global CA, O = SecureTrust Corporation, C = US
  • O = "SECOM Trust Systems CO.,LTD.", OU = Security Communication RootCA2, C = JP
  • O = SECOM Trust.net, OU = Security Communication RootCA1, C = JP
  • O = Sonera, CN = Sonera Class2 CA, C = FI
  • CN = Staat der Nederlanden EV Root CA, O = Staat der Nederlanden, C = NL
  • CN = Staat der Nederlanden Root CA - G3, O = Staat der Nederlanden, C = NL
  • O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority,C = US
  • CN = Starfield Root Certificate Authority - G2, O = "Starfield Technologies, L = Scottsdale, ST = Arizona, Inc.", C = US
  • CN = Starfield Services Root Certificate Authority - G2, O = "Starfield Technologies, Inc.", L = Scottsdale, ST = Arizona, C = US
  • CN = SwissSign Gold CA - G2, O = SwissSign AG, C = CH
  • CN = SwissSign Silver CA - G2, O = SwissSign AG, C = CH
  • CN = T-TeleSec GlobalRoot Class 2, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, C = DE
  • CN = T-TeleSec GlobalRoot Class 3, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, C = DE
  • CN = TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1, O = Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU = Kamu Sertifikasyon Merkezi - Kamu SM, L = Gebze - Kocaeli, C = TR
  • CN = TWCA Global Root CA, O = TAIWAN-CA, OU = Root CA, C = TW
  • CN = TWCA Root Certification Authority, O = TAIWAN-CA, OU = Root CA, C = TW
  • O = Government Root Certification Authority, C = TW
  • CN = TeliaSonera Root CA v1, O = TeliaSonera
  • CN = TrustCor ECA-1, ST = Panama, O = TrustCor Systems S. de R.L., OU = TrustCor Certificate Authority, L = Panama City, C = PA
  • CN = TrustCor RootCert CA-1, O = TrustCor Systems S. de R.L., OU = TrustCor Certificate Authority, L = Panama City, ST = Panama, C = PA
  • CN = TrustCor RootCert CA-2, O = TrustCor Systems S. de R.L., OU = TrustCor Certificate Authority, L = Panama City, ST = Panama, C = PA
  • O = Trustis Limited, OU = Trustis FPS Root CA, C = GB
  • O = UniTrust, CN = UCA Extended Validation Root, C = CN
  • CN = UCA Global G2 Root, O = UniTrust, C = CN
  • CN = USERTrust ECC Certification Authority, O = The USERTRUST Network, L = Jersey City, ST = New Jersey, C = US
  • CN = USERTrust RSA Certification Authority, O = The USERTRUST Network, L = Jersey City, ST = New Jersey, C = US
  • CN = VeriSign Class 3 Public Primary Certification Authority - G4, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2007 VeriSign, Inc. - For authorized use only", C = US
  • CN = VeriSign Class 3 Public Primary Certification Authority - G5, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", C = US
  • CN = VeriSign Universal Root Certification Authority, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2008 VeriSign, Inc. - For authorized use only", C = US
  • CN = VeriSign Class 3 Public Primary Certification Authority - G3, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 1999 VeriSign, Inc. - For authorized use only", C = US
  • CN = XRamp Global Certification Authority, O = XRamp Security Services Inc, OU = www.xrampsecurity.com, C = US
  • O = certSIGN, OU = certSIGN ROOT CA, C = RO
  • O = "Chunghwa Telecom Co., Ltd.", OU = ePKI Root Certification Authority, C = TW
  • CN = emSign ECC Root CA - C3, O = eMudhra Inc, OU = emSign PKI, C = US
  • CN = emSign ECC Root CA - G3, O = eMudhra Technologies Limited, OU = emSign PKI, C = IN
  • CN = emSign Root CA - C1, O = eMudhra Inc, OU = emSign PKI, C = US
  • CN = emSign Root CA - G1, O = eMudhra Technologies Limited, OU = emSign PKI, C = IN
  • CN = thawte Primary Root CA, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2006 thawte, Inc. - For authorized use only", C = US
  • CN = thawte Primary Root CA - G2, O = "thawte, Inc.", OU = "(c) 2007 thawte, Inc. - For authorized use only", C = US
  • CN = thawte Primary Root CA - G3, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2008 thawte, Inc. - For authorized use only", C = US