Send Audit Logs to a Syslog Server
LogicHub can send Syslog files directly to your log management system, such as Splunk or Sumo Logic, as they become available on an ongoing basis.
To Edit or to activate
Start Sending Syslog files to your log management system:
Start SendingSyslog files to your log management system:
- Navigate to Settings > Account on left navigation and select Syslog tab.
- Click on Edit to change the default settings.
- Enter the Destination IP Address or Hostname and the Destination Syslog Port of the remote management system.
- Select the Syslog Message Format:
- To encrypt the log content over the network, select the radio button as Yes for Transport Security (TLS).
- Paste the SSL Certification provided by the remote server into the text box that’s provided.
- Click Save.
Start Sendingto start sending files (Green tick mark along with the text
Sendingwill be represented against the STATUS)
LogicHub will start sending Syslog files as they become available.
Stop Sendingto stop sending files at any time (Pause mark along with the text
Not Sendingwill be represented against the STATUS).
When you save and start sending, a test message is sent to the remote Syslog server to validate the configuration of the Syslog server. If the validation is successful, a message is displayed on the screen.
If the remote syslog server is restarted, you need to stop and then restart sending.
Updated about 1 year ago