Send Audit Logs to a Syslog Server

You can have LogicHub send audit logs to a remote log management system that’s able to accept syslog messages, such as Splunk or Sumo Logic. The logs are sent automatically as they are generated.

  1. Select Settings > Collect Syslog from the side menu.
  2. To edit the default settings, click Edit.
  3. Enter the IP address or hostname and the port of the remote management system.
  4. Select the syslog message format: RFC5424 or BSD.
  5. To encrypt the log content over the network, select Yes for TLS. Paste the certificate provided by the remote server into the text box that’s provided.
  6. Click Save.
  7. To start sending files as they become available, click Start Sending. To stop sending at any time, click Stop Sending.

When you save and start sending, a test message is sent to the remote syslog server to validate the configuration of syslog server. If the validation is successful, a message is displayed on the screen.

📘

Note

If the remote syslog server is restarted, you need to stop and then restart sending.


Did this page help you?