Overview
Syslog forwarding to the CCE is configured from the device CLI. The logs are already visible locally in /var/log/messages.
Steps to Configure
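Configure /etc/rsyslog.d/vyatta-log.conf with the line *.* @remotesysloghost, where remotesysloghost is the remote syslog host. The selector *.* matches every facility and priority, and the single @ forwards over UDP. With this in place, forwarding works.
Below is the preferred link: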
Sending firewall logs to remote Syslog | Ubiquiti Community
Verification of configuration
Verification can be done in two ways: on the CCE server or in the UI.
Verification through the UI
1. Open the UI and go to Systems.
2. Expand the Systems dropdown and open "logs and flows collection status".
3. Under the source device IP address section, the configured device will be reflected.
Verification through the CCE server
sudo tcpdump -i any port 9995 and host <IP address> -AAA
Run the above command on the CCE server to check whether the logs are arriving.
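The forwarding rule and the capture filter have to agree on transport and port. As an added example (not part of the original article), the POSIX shell script below reads legacy-syntax rsyslog forwarding rules and prints the matching tcpdump command for the receiving server. The sample rules, the explicit-port variant and the device address 192.0.2.10 are constructed for illustration.

```sh
#!/bin/sh
# Added example: derive the receiver-side tcpdump filter from rsyslog
# legacy-syntax forwarding rules ("selector @host[:port]", "@@" for TCP).
# Bracketed IPv6 targets and "@(options)" forms are not handled.

# parse_forward RULE -> prints "proto host port"; returns 1 otherwise.
parse_forward() {
    line=${1%%#*}                          # drop trailing comment
    read -r selector action extra <<EOF
$line
EOF
    [ -n "$action" ] && [ -z "$extra" ] || return 1
    case $action in
        @@*) proto=tcp; target=${action#@@} ;;
        @*)  proto=udp; target=${action#@} ;;
        *)   return 1 ;;                   # file or other action
    esac
    case $target in
        *:*) host=${target%%:*}; port=${target##*:} ;;
        *)   host=$target; port=514 ;;     # rsyslog default when no port is given
    esac
    case $host in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
    case $port in ''|*[!0-9]*) return 1 ;; esac
    printf '%s %s %s\n' "$proto" "$host" "$port"
}

# capture_filter RULE DEVICE_IP -> tcpdump filter for that rule's traffic as
# seen on the receiver; DEVICE_IP is the address of the sending device.
capture_filter() {
    fwd=$(parse_forward "$1") || return 1
    printf '%s port %s and host %s\n' "${fwd%% *}" "${fwd##* }" "$2"
}

# Constructed sample of /etc/rsyslog.d/vyatta-log.conf. 192.0.2.10 is a
# placeholder for the forwarding device's address.
while IFS= read -r rule; do
    if filter=$(capture_filter "$rule" 192.0.2.10); then
        echo "sudo tcpdump -i any $filter -AAA"
    fi
done <<'EOF'
# local copy stays in /var/log/messages
*.* /var/log/messages
*.* @remotesysloghost
*.* @remotesysloghost:9995
EOF
```

A rule without an explicit port yields a filter on UDP 514, so a capture on another port only shows traffic when the rule names that port.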