Setting Up the Edge Filer Syslog Service

  • 1 minute(s) read
Prev Next

To set up the Edge Filer Syslog service:

  1. In the global administration view, select Services > Edge Filer Syslog in the navigation pane.
    The Edge Filer Syslog page is displayed.
    Image

  2. Click Add a Server to define the Syslog Server:
    The New Syslog Server window is displayed.
    image.png
    Address – The address of the Syslog server.
    Port – The syslog server's port number. The default port used by a syslog server is 514 when Protocol Type is UDPand 6514 when Protocol Type is TCP/TLS
    Protocol – The protocol to use for sending logs to the syslog server: UDP or TCP/TLS
    If TCP/TLS is chosen the New Syslog Server window changes:
    image.png

    1. Click Client Certificate to upload the client certificate.
      image.png
    2. Click Select File to select the .pem file client certificate to use.
      Note

      Only pem files are allowed.

    3. Click Select File to select the private key. The private key must match the certificate.
    4. Click Server Certificate to upload the server certificate.
      image.png
    5. Click Select File to select the .pem file server certificate to use.
      Note

      Only pem files are allowed. The certificate must match the client certificate.

    6. Click Save.

    If there is a problem with the TCP connection or with the TLS certificate, for example the client and server certificates do not match or a certificate has expired, an error is displayed, with additional information written to the system log.

    Alert if lag exceeds – The number of messages that are not sent to the Syslog server before an alert is issued,

  3. Click Save.
    The server is added to the list of servers.
    Image
    The Status field is Unknown if the UDP protocol is used and either Connected or Not Connected if the TCP protocol is used.

    Note

    To delete a server, select the server row and click Delete and in the confirmation window click Delete.

  4. Click Enable in the status bar.
    The Edge Filer Syslog service starts.
    Image
    When the service has finished starting the status changes to Active and Running OK.
    Image

  5. Enable CIFS/SMB Audit Logs on every CTERA Edge Filer you want to use with the Edge Filer Syslog service and enable log forwarding to the portal on these edge filers. Log forwarding is enabled from edge filer version 7.11.x in the user interface, in the Logs > Log Forwarding page and in earlier versions using CLI.

Related articles
  • Setting Up the Edge Filer Syslog Service
    Product Documentation > CTERA Portal > 8.2.x (GA Version) > Global Administrator Guide > CTERA Services > Managing the Edge Filer Syslog Service
  • Setting Up the Edge Filer Syslog Service
    Product Documentation > CTERA Portal > 8.1.x (GA Version) > Global Administrator Guide > CTERA Services > Managing the Edge Filer Syslog Service
  • Configuring Logging
    Product Documentation > CTERA Edge Filer > 7.12.x (EA Version) > Administrator Guide > CTERA Edge Filer Logs