Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Current »

Importance:- 


Steps of Configuration:-

  •  Login as root user on the server 

 

  • cd /etc should be the first command ran on server , (to get  inside /etc directory)

  • ls to check the list  , ( similar list will appear)

  • vi rsyslog.conf  command need to be ran next  and enter

  • Scan and  find the red marked line :

  • Once done type the command 

              (Note: Press i and then insert the following changes , to save the changes press Esc then write :wq! and enter .)

                 *.* @CCE_IP:514

  • .
  • Run the command  : service rsyslog restart.(Restart rsyslog service .)

  • To check  the status type the command  service rsyslog status

Verification:-

  • VERIFICATION CAN BE DONE IN TWO WAYS :-

                 1.By checking on UI 

                 2. Checking logs through CCE server

Verification through UI 

  • Open UI >>System tab >> Logs and flows collection status:

  • The IP will reflect below source device IP 


Verification Through CCE server

  • Run the command " sudo tcpdump -i any port 514 and host <IP address>






  • No labels