What is Syslog?
Syslog is an IETF RFC 5424 standard protocol for computer logging and collection that is popular in Unix-like systems including servers, networking equipment, and IoT devices. The log messages generated by a device create a record of events that occur on the operating system or application. The purpose of the message is to provide administrators with information regarding important events, health information, and other normal or abnormal happenings that could prove useful when troubleshooting or working through a security-related issue.
Essentially you receive logs from Vutlan monitoring device onto a separate centralized log collection server. This server is created and managed by your system administrator.
How does syslog work?
When a Vutlan monitoring system is running the syslog daemon, system messages are generated and sent to a centralized log collection server.
The relaying of Syslog messages is commonly sent over UDP port 514 or TCP 6514. The TCP method also offers the benefit of the Transport Layer Security (TLS) protocol to keep messages private. Once collected, an administrator can use a syslog viewer to view, sort, and even alert on the various log messages coming in.
Configure Syslog
To configure the export of logs do the following:
"Main menu" "
", -> "Preferences" -> "Logging" -> "Syslog" in the Interface.
Set the IP address of your centralized log collection server to export the logs to and press "Save".
# | Option | Description |
|---|---|---|
1 | Syslog Server Address | Indicate IP address and port number of the Syslog server (For example, 192.168.0.15:514) |
Attention
Check your Syslog server configuration. Syslog reception over UDP must be enabled.