Configuring a Syslog-ng Module

Firmware: Gentoo 10.1, Linux SuSE 9, F5 BIG-IP

Collector: Network Collector - Syslog

To configure a Syslog-ng module to send log messages to TLC:

1. Open the configuration file (/etc/syslog-ng/syslog-ng.conf) and add the following lines:

    destination loghost {<tcp_udp>("<manager_ip>" port(<port>));};

    filter f_alllogs {
        level(<filter_level>);
    };

    log {
        source(src);
        filter(f_alllogs);
        destination(loghost);
    };

Where:

<tcp_udp> is the protocol (tcp or udp) with which log messages will be sent to TLC,

<manager_ip> is the IP address of the TLC Manager to which log messages will be sent,

<port> is the port on the Manager on which TLC will listen for log messages (either 1468 for TCP, or 514 for UDP), and

filter f_alllogs {...} is an optional filter, applied by the filter(f_alllogs); line in the log statement (omit both to forward every message), and <filter_level> indicates the levels to be filtered.

For example:

    destination loghost {tcp("10.1.2.3" port(1468));};

    filter f_alllogs {
        level(debug..emerg);
    };

    log {
        source(src);
        filter(f_alllogs);
        destination(loghost);
    };

2. To restart syslog-ng, enter the appropriate command.

For Gentoo or Linux SuSE, enter:

    kill -HUP `cat /var/run/syslog-ng.pid`

For F5 BIG-IP, enter:

    bigstart restart syslog-ng
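
A read-only check to run before the restart in step 2, added here as an example and not TLC or syslog-ng vendor code: it confirms that the loghost destination uses one of the protocol and port pairs given in step 1, that a log statement references it, and that every defined filter is actually applied. The function name check_loghost is hypothetical, and the check assumes the destination is written on one line as shown above.

```shell
#!/bin/sh
# Added example (not vendor code): lint the forwarding stanza from step 1.
# check_loghost is a hypothetical helper name; it only reads the file.
# Usage: check_loghost /etc/syslog-ng/syslog-ng.conf
check_loghost() {
    conf=$1
    rc=0
    ws='[[:space:]]'
    # Extract "proto ip port" from: destination loghost {tcp("10.1.2.3" port(1468));};
    parsed=$(sed -n "s/^$ws*destination$ws$ws*loghost$ws*{$ws*\([a-z]*\)(\"\([^\"]*\)\"$ws*port(\([0-9]*\))).*/\1 \2 \3/p" "$conf" | head -n 1)
    if [ -z "$parsed" ]; then
        echo "FAIL: no parsable 'destination loghost' definition"
        return 1
    fi
    proto=${parsed%% *}; port=${parsed##* }
    ip=${parsed#* }; ip=${ip% *}
    # Step 1 gives the Manager listeners as 1468 for TCP and 514 for UDP.
    case "$proto:$port" in
        tcp:1468|udp:514) echo "OK: forwarding to $ip over $proto/$port" ;;
        *) echo "FAIL: $proto/$port does not match tcp/1468 or udp/514"; rc=1 ;;
    esac
    # The destination must be wired into a log path or nothing is sent.
    grep -Eq "destination$ws*\($ws*loghost$ws*\)" "$conf" ||
        { echo "FAIL: no log statement references destination(loghost)"; rc=1; }
    # A filter only takes effect when a log path references it by name.
    for f in $(sed -n "s/^$ws*filter$ws$ws*\([A-Za-z0-9_][A-Za-z0-9_]*\).*/\1/p" "$conf"); do
        grep -Eq "filter$ws*\($ws*$f$ws*\)" "$conf" ||
            echo "WARN: filter $f is defined but never applied"
    done
    return $rc
}
# Lint first, then signal the daemon (Gentoo/SuSE command from step 2):
# check_loghost /etc/syslog-ng/syslog-ng.conf && kill -HUP `cat /var/run/syslog-ng.pid`
```

A WARN line does not change the exit status; only a missing or mismatched destination does.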

Next

If you are performing initial configuration of your TLC environment, see Configuring your TLC Environment.

Otherwise, see Adding a Monitored Asset for a new Log Source.