Send Audit Logs to a Syslog Server
LogicHub can send Syslog files directly to your log management system, such as Splunk or Sumo Logic, as they become available on an ongoing basis.
To Edit or to activate Start Sending
Syslog files to your log management system:
Start Sending
Syslog files to your log management system:- Navigate to Settings > Account on left navigation and select Syslog tab.
- Click on Edit to change the default settings.
- Enter the Destination IP Address or Hostname and the Destination Syslog Port of the remote management system.
- Select the Syslog Message Format:
RFC5424
orBSD
. - To encrypt the log content over the network, select the radio button as Yes for Transport Security (TLS).
- Paste the SSL Certification provided by the remote server into the text box that’s provided.
- Click Save.
Select
Start Sending
to start sending files (Green tick mark along with the textSending
will be represented against the STATUS)
LogicHub will start sending Syslog files as they become available.Select
Stop Sending
to stop sending files at any time (Pause mark along with the textNot Sending
will be represented against the STATUS).
When you save and start sending, a test message is sent to the remote Syslog server to validate the configuration of the Syslog server. If the validation is successful, a message is displayed on the screen.
Note
If the remote syslog server is restarted, you need to stop and then restart sending.
Updated about 1 year ago