Forum Discussion
Nandhi
Cirrus
Cirrushow to send only audit logs to syslog server
We have a syslog server to send logs. Now the requirement is to send only audit/authentication logs to another remote server using tcp. Possible to do from GUI?
Hi Nandhi ,
To send Logs to remote syslog servers , accomplished by 2 methods :
- Syslogng utility which runs over Linux :
- in this method you will face some difficulties to filter / or send specific log messages such as your scenario here of "Audit Logs " by Gui.
- you can send Audit logs by configuring syslog-ng but this can be done only from CLI , to do that follow this article https://my.f5.com/manage/s/article/K56602501 , it just simple modification using some simple linux commands.
- High speed logging ( HSL ) and this run over TMOS :
- This method is much pretty you can use filters easly , you can control in your Logs which you aim to send.
in This Article ( https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-external-monitoring-implementations-12-0-0/4.html ) you will know about HSL and how to configure it step by step in GUI.
- This method is much pretty you can use filters easly , you can control in your Logs which you aim to send.
So first method needs CLI interactions whereas secon method can be done using GUI.
I hope you find my comment useful ! 🙂
