Generic tips

The following section gives you a generic overview on how to configure an appliance to send its log data to Axoflow. If there is a specific section for your appliance, follow that instead of the generic procedure. For details, see the documentation of your appliance.

CAUTION:

Make sure to set data forwarding as described in this guide. Different setting like other message format or port might be valid, but can result in data loss or incorrect parsing.

Prerequisites

  • You have administrative access to the appliance.
  • The date, time, and time zone are correctly set on the appliance.
  • You have an AxoRouter deployed and configured. This device is going to receive the logs from the appliance.
  • You know the IP address the AxoRouter. To find it:

    1. Open the Axoflow Console.
    2. Select the Hosts or the Topology page.
    3. Click on AxoRouter instance that is going to receive the logs.
    4. Check the Networks > Address field.

Steps

  1. Log in to your device. You need administrator privileges to perform the configuration.

  2. If needed, enable syslog forwarding on the device.

  3. Set AxoRouter as the syslog server. Typically, you can configure the following parameters:

    • Name or IP Address of the syslog server: Set the address of your AxoRouter.

    • Protocol: If possible, set TCP or TLS.

    • Syslog Format: If possible, set RFC5424 (or equivalent), otherwise leave the default.

    • Port: Set a port appropriate for the protocol and syslog format you have configured.

      By default, AxoRouter accepts data on the following ports:

      • 514 TCP and UDP for RFC3164 (BSD-syslog) formatted traffic.
      • 601 TCP for RFC5424 (IETF-syslog) formatted traffic.
      • 6514 TCP for TLS-encrypted traffic.
      • 4317 TCP for OpenTelemetry log data.

      Make sure to enable the ports you’re using on the firewall of your host.

  4. Add the appliance to the Axoflow Console. For details, see Appliances.