PostgreSQL Logs Configuration
Overview
This document describes how to configure a Linux server to work with the CCE. The CCE pulls the logs and redirects them to the APE.
This configuration uses UDP port 514.
Steps of Configuration:-
To configure PostgreSQL logs, follow these steps:
Log in to the PostgreSQL server as root.
Run the command: vi /etc/rsyslog.conf
Add the lines below:
#### GLOBAL DIRECTIVES ####
$InputFileName /var/log/postgresql/postgresql-*.log
$InputFileTag postgresql_logs
$InputFileStateFile state-postgresql-access
$InputRunFileMonitor
After adding them, configure the CCE IP at the end of the file by adding the last line shown below, with CCE_IP replaced by the IP address of the CCE. The single @ forwards the logs over UDP:
#*.* @@remote-host:514
# ### end of the forwarding rule ###
*.* @CCE_IP:514
Restart the rsyslog service using the command: service rsyslog restart
To check the status, run the command: service rsyslog status
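A check of the edited file against the settings above, as an added example (not Seceon's code). The function name audit_rsyslog_conf and the sample address 192.0.2.10 are assumptions made for illustration; the check for the imfile module is also an addition, included because rsyslog only accepts the $InputFile* directives once that module is loaded.

```shell
#!/bin/sh
# Added example (not vendor code): audit an rsyslog.conf against this article.
# audit_rsyslog_conf FILE CCE_IP -> findings on stdout; returns 0 if all pass.
audit_rsyslog_conf() {
    conf=$1; cce_ip=$2; rc=0
    # Drop comments and blank lines so commented-out templates such as
    # "#*.* @@remote-host:514" are not mistaken for active rules.
    active=$(grep -Ev '^[[:space:]]*(#|$)' "$conf" || true)
    has() { printf '%s\n' "$active" | grep -Eq "$1"; }

    # Assumption beyond the article: imfile must be loaded for $InputFile*.
    if ! has '^[[:space:]]*([$]ModLoad[[:space:]]+imfile|module\(load="imfile")'; then
        echo 'MISSING: imfile module load ($ModLoad imfile)'; rc=1
    fi
    for d in InputFileName InputFileTag InputFileStateFile InputRunFileMonitor; do
        if ! has "^[[:space:]]*[$]${d}([[:space:]]|\$)"; then
            echo "MISSING: \$${d}"; rc=1
        fi
    done

    # One "@" forwards over UDP (what the article uses); "@@" means TCP.
    ip_re=$(printf '%s' "$cce_ip" | sed 's/\./\\./g')
    if has "^\*\.\*[[:space:]]+@${ip_re}:514[[:space:]]*\$"; then
        echo "OK: UDP forward to ${cce_ip}:514"
    elif has "^\*\.\*[[:space:]]+@@${ip_re}:514[[:space:]]*\$"; then
        echo "TRANSPORT: rule uses @@ (TCP), article expects @ (UDP)"; rc=1
    else
        echo "MISSING: *.* @${cce_ip}:514"; rc=1
    fi
    return $rc
}

# Constructed sample config; 192.0.2.10 is a documentation address, not a real CCE.
sample=$(mktemp)
cat > "$sample" <<'EOF'
$ModLoad imfile
$InputFileName /var/log/postgresql/postgresql-*.log
$InputFileTag postgresql_logs
$InputFileStateFile state-postgresql-access
$InputRunFileMonitor
#*.* @@remote-host:514
*.* @@192.0.2.10:514
EOF
audit_rsyslog_conf "$sample" 192.0.2.10 || echo "audit: fix the findings above"
rm -f "$sample"
```

The sample deliberately uses @@ so the transport finding is shown. rsyslogd -N1 checks the file's syntax; this function only checks the settings named in this article.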
Verification:-
Verification can be done in two ways:
1. Checking on the UI
2. Checking logs through the CCE server
Verification through UI
Open UI >> System tab >> Logs and flows collection status.
The IP will appear in the System tab as the source device IP.
Verification Through CCE server
Run the command: sudo tcpdump -i any port 514 and host <IP address>
Seceon Inc. All rights reserved. https://www.seceon.com