Lea y revise la documentación de Automation Anywhere

Automation 360

Cerrar contenidos

Contenidos

Abrir contenidos

SysLog Server integration

  • Actualizado: 2022/07/01
    • Automation 360 v.x
    • Administrar
    • Enterprise

SysLog Server integration

The Automation Anywhere Control Room supports ingesting tenant's Audit Log entries in Syslog format to any Syslog servers.

Importante: The options to specify or modify the Syslog configurations are available only for the On-Premises deployment.
By pushing syslog data to any Syslog servers, you can integrate and leverage the advanced searching and reporting features of Syslog server solutions. When configured, the Control Room audit logs are forwarded to both the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) network protocols. You can use any syslog server. The following syslog servers are tested and certified by Automation Anywhere.
  • Kiwi Syslog Server
  • Splunk

Syslog Configuration

You can configure a Kiwi Syslog Server or a Splunk that accepts data from a Control Room's Syslog through a TCP or UDP port. The example below illustrates sending the Syslog data to Kiwi Syslog server through TCP or UDP ports.

Configure Kiwi Syslog Server

Solarwinds Kiwi Syslog Server is a widely used commercial Syslog server. Kiwi Syslog Server Free Edition can monitor Syslog for up to 5 devices. Download Kiwi Syslog Server Free Edition from the following link: https://www.kiwisyslog.com/free-tools/kiwi-free-syslog-server. After the installation, follow the steps to configure the Kiwi Syslog Server:

  1. Navigate to File -> Setup -> Inputs.

  2. Click UDP (to forward the logs through UDP).
    Kiwi Syslog UDP setup
  3. Enter the UDP port and the IP to which you want to forward the logs.
  4. Click TCP (to forward the logs through TCP).
    Kiwi Syslog TCP setup
  5. Enter the TCP port and the IP to which you want to forward the logs.

Configure Control Room to send Syslog on UDP/TCP

To configure the Control Room to send Syslog on UDP/TCP, perform the following steps:

Nota:

Para realizar esta tarea, debe ser un Control Room administrador y tener los derechos y permisos necesarios.

  1. Navigate to Administration > Settings > Network settings
    Navigate to Syslog in CR
  2. Click on the plus (+) sign to add more Syslog servers.
  3. Ingrese la información del servidor de Syslog.
    Opción Acción
    Nombre del host del servidor Syslog Nombre de dominio completo (FQDN, del inglés Full Qualified Domain Name) o la dirección IP del servidor Syslog para entregar los informes de registro.
    Puerto Puerto que utiliza el servidor remoto de Syslog para recibir los registros de Syslog entrantes (por ejemplo, puerto 514).
    Protocolo TCP o UDP.
    Usar conexión segura Utilice un canal cifrado TLS para enviar registros de Syslog al servidor remoto. Esta opción está disponible solo para TCP.
    1. Enter the UDP settings (IP, Port, and select UDP from Protocol drop-down) to forward the logs to an UDP port.
      Nota: Ensure that you refer to your Kiwi Syslog Server's documentation to get the information regarding the specific settings.

      Configure Syslog settings in CR
    2. Enter the TCP settings (IP, Port, and select TCP from Protocol drop-down) to forward the logs to an TCP port.
  4. Haga clic en Guardar cambios.

Verifying data in the Syslog Server

Reception of logs are verified in the Syslog Server. Perform the following steps to verify the data in Syslog Server:

  1. Generate an Syslog event by logging in or logging out of the Control Room.
  2. Verify the logs in the Kiwi Syslog Server.
    CR Syslogs in Kiwi Syslog Server
If you have configured the Splunk https://www.splunk.com/ as your Syslog server, then you will observe the Syslog messages in the Splunk. Below is the screenshot of the logs configured and registered in Splunk:
CR Syslogs in Splunk
Enviar comentarios