Forwarding logs to a remote syslog server

Configure the appliance to forward the contents of specific log files to a remote syslog server.

The preferred logging approach for the appliance is to send the logs to an external server. This approach can also meet certain compliance requirements.

When the remote syslog forwarding capability is enabled, it monitors local log files and forwards log entries from specific log files to a remote syslog server when new log entries are written in the local log files.

Steps

  1. Click Monitor > Logs > Remote Syslog Forwarding.
  2. Configure the remote syslog server settings as needed.
    Add a remote syslog server definition

    1. Click Add.
    2. Details for the remote syslog server.

    3. Click Save.
    Set the log sources for a remote log server
    1. Select the remote syslog server to send logs to.

    2. Click Sources.

    3. Click Add to add a log source.
    4. Details for the log source and then click OK.
      Name
      Name of the log source.
      Instance Name
      Name of the instance the source log file belongs to. This field is available only if WebSEAL or Azn_Server is selected in the Name field.
      Log file
      Name of the source log file. This field is available only if WebSEAL or Azn_Server is selected in the Name field.
      Tag
      The tag to add to the sent log entries.
      Facility
      The facility with which to send the log entries to the remote server. All messages will be sent with the specified facility code. The available codes can be found at: https://en.wikipedia.org/wiki/Syslog#Facility
      Severity
      The severity of the sent log entries. All messages will be sent with the specified severity level.
      The values are not saved on the server side until you click Save in Step f.
    5. To add multiple log sources, repeat the previous two steps

    6. Click Save.

Parent topic: Monitoring