Vendors

Prerequisites

You have administrative access to the source device or host.
You have an AxoRouter deployed and configured with a Syslog (autodetect and classify) connector. This device is going to receive the data from the source device or host.
You know the IP address the AxoRouter. To find it:
1. Open the Axoflow Console.
2. Select the Hosts or the Topology page.
3. Click on AxoRouter instance that is going to receive the logs.
4. Check the Networks > Address field.

Steps

To onboard a source that is specifically supported by Axoflow, complete the following steps. Onboarding allows you to collect metrics about the host, and display the host on the Topology page.

Open the Axoflow Console.
Select Topology.
Select + > Source.
If the source is already sending logs to an AxoRouter instance that is registered in the Axoflow Console, select Detected, then select the source.

Otherwise, select the type of the source you want to onboard, and follow the on-screen instructions.
Connect the source to the destination or AxoRouter instance it’s sending logs to.
1. Select Topology > + > Path.
2. Select your data source in the Source host field.
3. Select the target router or aggregator this source is sending its data to in the Target host field, for example, axorouter.
4. Select the Target connector. The connector determines how the destination receives the data (for example, using which protocol or port).
5. Select Create. The new path appears on the Topology page.
Configure the source to send logs to an AxoRouter instance. Specific instructions regarding individual vendors are listed below, along with default metadata (labels) and specific metadata for Splunk.
Note
Unless instructed otherwise, configure your source to send the logs to the Syslog (autodetect and classify) connector of AxoRouter, using the appropriate port. Use RFC5424 if the source supports it.
- 514 TCP and UDP for RFC3164 (BSD-syslog) formatted traffic.
- 601 TCP for RFC5424 (IETF-syslog) formatted traffic.
- 6514 TCP for TLS-encrypted syslog traffic.