Syslog server integration
- Updated: 2023/04/05
Syslog server integration
The Automation Anywhere Control Room supports ingesting tenants' audit log entries in Syslog format to any Syslog server.
- Kiwi Syslog Server
- Splunk
You can configure a Kiwi Syslog Server or a Splunk server that accepts data from a Control Room instance's syslog through a TCP or UDP port. The following example illustrates sending the Syslog data to Kiwi Syslog server through TCP or UDP ports.
Configure Kiwi Syslog Server
Solarwinds Kiwi Syslog Server is a widely used commercial Syslog server. Kiwi Syslog Server Free Edition can monitor Syslog for up to five devices. Download Kiwi Syslog Server Free Edition from the following link: Kiwi Syslog Server Free Edition. After installation, perform the following steps to configure the Kiwi Syslog Server:
-
Navigate to
. -
To forward the logs through UDP, click UDP.
- Enter the UDP port and the IP to which you want to forward the logs.
-
To forward the logs through TCP, click TCP.
- Enter the TCP port and the IP to which you want to forward the logs.
Configure Control Room to send Syslog on UDP or TCP
To configure the Control Room to send Syslog on UDP or TCP, perform the following steps:
To perform the task, you must have a Control Room administrator account with the required rights and permissions.
- Navigate to
. - To add more Syslog servers, click the plus (+) sign.
- Enter the Syslog server information.
Option Action Syslog server hostname Fully qualified domain name (FQDN) or the IP address of the Syslog server to deliver the log reports. Port Port that the remote Syslog server uses to receive incoming Syslog records (for example, port 514). Protocol TCP or UDP. Use Secure Connection Use a TLS encrypted channel to send Syslog records to the remote server. This option is available for TCP only. - To forward the logs to a UDP port, enter the UDP settings (IP, port, and
select UDP from Protocol drop-down).Note: For information about specific settings, see the Kiwi Syslog Server documentation.
- To forward the logs to an TCP port, enter the TCP settings (IP, port, and select TCP from Protocol drop-down) .
- To forward the logs to a UDP port, enter the UDP settings (IP, port, and
select UDP from Protocol drop-down).
- Click Save changes.
Verifying data in the Syslog Server
Reception of logs is verified in the Syslog Server. Perform the following steps to verify the data in Syslog Server:
- Generate a Syslog event by logging in or logging out of the Control Room.
- Verify the logs in the Kiwi Syslog Server.