Integrating Syslog Server with cnMaestro to receive Event and Audit Logs

Overview:

This document provides brief insight about configuring Syslog settings in cnMaestro to receive both Event Syslogs and Audit Syslogs from an On-Premise cnMaestro server.

Pre-requisites:

cnMaestro On-Premise Server with 2.3.x and any Free Syslog server on Windows/Linux.

Configuration: The steps below helps the Admin user to configure Syslog server details to receive Event Syslog and Audit Syslog from cnMaestro.

Step1: Adding new entry under Event Syslog table

  1. Navigate to Application > Settings > SyslogPro
  2. Click on Add button available to right-top corner in Event Syslog table

p1.jpg

Step 2: Filling up the fields in Event Syslog window

p2.jpg

  1. Input the name of the Syslog server to which the events must be forwarded.
  2. Input the IP address or Hostname of Syslog server to which the events must be forwarded.
  3. Input the Syslog port (UDP) on which the Syslog server is listening. By default, it is 514
  4. Select (Tick) the check box for required Event Types, (One or more selections are allowed)
  5. Select the severity as to which events to be forwarded to log server, if this is left unchecked, all severities will be considered by default.
  6. Select the Facility and Severity properly in order to classify the events to be sent to Log server.
  7. Finally hit Add and there appears the entry.

Step 3: Adding new entry under Audit Syslog

  1. Navigate to Application > Settings > SyslogPro
  2. Click on Add button available to right-top corner in Audit Syslog table

p3.jpg

Step 4: Filling up the fields in Audit Syslog window

p4.jpg

  1. Input the name of the Syslog server to which the Audit Logs must be forwarded.
  2. Input the IP address or Hostname of Syslog server to which the Audit Logs must be forwarded.
  3. Input the Syslog port (UDP) on which the Syslog server is listening. By default, it is 514
  4. Select (Tick) the check box for required Audit Types, (One or more selections are allowed)
  5. Select the Facility and Severity properly in order to append the same info to Audit logs and forward to Log server
  6. Finally hit Add and there appears the entry.

p4.jpg

Audit Logs: 

QA_US_SERVER_3_MSP - Google Chrome 2020-02-06 15.20.39.jpg

AuditLogs- Google Chrome 2020-02-06 15.21.17.jpg

Note:

  1. Audit/Event Syslogs server options to configure is applicable only on cnMaestro On-premise version and Controller
4 Likes