Auvik’s syslog feature allows you to troubleshoot faster by providing centralized access to syslogs.
Before you begin, make sure port 514 is open on the host with the Auvik collector or port 54059 for the Auvik Docker collector.
Note: Syslog does not currently support alerts via the Auvik platform.
Getting started
- On any Performance site, click Syslog from the side navigation bar.
- Click Summary.
- By default, all billable devices will appear on the list—these are the devices we recommend setting up first to send syslog to Auvik. The device state will say Not Detected.
- To start forwarding syslog to Auvik, you’ll need to configure the device to send syslog to a remote server. Use the IP and port shown in the Export Information column.
- It can take a few minutes to detect incoming messages. Refresh your browser to see if any messages were detected. Once messages are detected, the device state changes to Forwarding.
- Click View to see the incoming messages from the device.
How to set up additional devices for syslog
Although Auvik pre-populates the summary list with billable devices, you can set up any device on the network as long as it’s able to forward syslog.
- On any Performance site, click Syslog from the side navigation bar.
- Click Summary.
- Click Set up more devices.
- Using the filters, search for the device or click Search Devices to view the full list of devices.
- Click on the device you want to add. You’ll be directed to the Syslog - Setup tab in the device dashboard.
- Click Remote Management. Choose Terminal or Remote Browser to access the device. Configure the device to send syslog to a remote server. Use the collector IP and port displayed in the Syslog - Setup tab.
- Once incoming messages are detected, the Syslog - Setup tab will show that syslog has been detected.
- Click View Logs to see the incoming messages.
How to unapprove a device for syslog
You can temporarily stop a specific device from processing syslog. The device can continue sending logs to the collector, but unapproving the device will cause all messages to be discarded. You can approve the device later to restart processing logs without having to change any settings on the device.
- To unapprove a device, click Syslog from the side navigation bar.
- Click Summary.
- In the displayed list of devices, find the device(s) you want to unapprove. Check the box next to the device name.
- Click Unapprove.
- Confirm your action by clicking Unapprove.
- The device status changes to Not Approved.
Once you’re ready for a device to process syslog again, you can follow the steps listed above but click Approve instead.
How to delete a device from syslog summary
- If you no longer want a device to appear on the syslog summary table, make sure the device is no longer forwarding syslog to the Auvik collector.
- Click Syslog from the side navigation bar.
- Click Summary.
- In the displayed list of devices, find the device(s) you want to unapprove. Check the box next to the device name.
- Click Delete.