Configuring Syslog on a Linux Server

Here's how you can configure your Linux server to send logs to the Auvik Collector:

Install and Configure Syslog Client:

Most Linux distributions come with a syslog daemon (rsyslog or syslog-ng) pre-installed. You can configure these daemons to send logs to your syslog server.

a. Using rsyslog:

  1. Edit the rsyslog configuration file (usually /etc/rsyslog.conf or /etc/rsyslog.d/50-default.conf on Debian/Ubuntu systems) and add the following line at the end to send all logs to your syslog server. The single @ tells rsyslog to forward over UDP:
    *.* @<AUVIK COLLECTOR IP>:514
  2. Replace <AUVIK COLLECTOR IP> with the IP address or hostname of your Auvik Collector.
  3. Save the configuration file.
  4. Restart the rsyslog service:
    sudo systemctl restart rsyslog

b. Using syslog-ng:

  1. Edit the syslog-ng configuration file (usually /etc/syslog-ng/syslog-ng.conf) and add a destination and log statement to send logs to your syslog server. The source name (s_sys in this example) must match a source already defined in your configuration file. Here's an example:
    destination d_net { syslog("<AUVIK COLLECTOR IP>" transport("udp") port(514)); };
    log { source(s_sys); destination(d_net); };
  2. Replace <AUVIK COLLECTOR IP> with the IP address or hostname of your Auvik Collector.
  3. Save the configuration file.
  4. Restart the syslog-ng service:
    sudo systemctl restart syslog-ng

Firewall Configuration

Ensure that your Linux server's firewall allows outgoing traffic to the syslog server's IP address on the syslog port (UDP port 514).
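
To confirm the rsyslog setup above before relying on it, the following added example (not part of the original article or an Auvik tool) checks that the forwarding rule is present, syntax-checks the configuration, and sends one test message through the firewall. The script name, function names and the 192.0.2.10 address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: post-change checks for the rsyslog forwarding rule.
# Usage (hypothetical script name, constructed placeholder address):
#   sudo sh verify_forwarding.sh /etc/rsyslog.conf 192.0.2.10

# Print "protocol host port" for every forwarding action in an rsyslog file.
# A single "@" means UDP, "@@" means TCP; commented-out lines are ignored.
forward_targets() {
    awk '
        /^[ \t]*#/ { next }
        {
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^@@?[^@]/) {
                    proto = ($i ~ /^@@/) ? "tcp" : "udp"
                    target = $i
                    sub(/^@@?/, "", target)
                    host = target
                    port = "514"            # rsyslog default when no port is given
                    if (target ~ /:[0-9]+$/) {
                        port = target
                        sub(/^.*:/, "", port)
                        sub(/:[0-9]+$/, "", host)
                    }
                    print proto, host, port
                }
            }
        }' "$1"
}

# Succeed only if FILE ($1) forwards to HOST ($2) over UDP port 514,
# which is the rule the article adds.
check_forwarding() {
    forward_targets "$1" | grep -qxF "udp $2 514"
}

if [ "$#" -eq 2 ]; then
    conf=$1
    collector=$2
    check_forwarding "$conf" "$collector" || {
        echo "no active UDP/514 forwarding rule for $collector in $conf" >&2
        exit 1
    }
    # Syntax-check the full configuration; a broken file stops all logging
    # after the restart, not just forwarding.
    rsyslogd -N1 || exit 1
    # Send one message straight to the collector over UDP port 514.
    logger -n "$collector" -P 514 -d "syslog forwarding test from $(hostname)"
fi
```

UDP delivery is unacknowledged, so a successful `logger` exit only shows the datagram left the host; confirm the test message actually appears on the collector side.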

That's it! Your Linux server should now be sending logs to Auvik for centralized log management.