Remote Syslog Server - Why And How

  • 18 December 2020
  • 0 replies

Userlevel 6
Badge +5
  • Nutanix Employee
  • 433 replies

Any modern environments consist of multiple layers each of which contains multiple components. There are switches and routers, firewalls, physical server, application servers, applications themselves and, of course, users. Each of the components has logs of more than one kind, location and severity. All the components interact with each other directly or indirectly. I am certain you have found yourself in a situation where to establish a root cause you had to inspect logs of more than one entity. 

Establishing a timeline of events is always easier when the sources of the events’ clocks are synchronised and are located in one central location. While the clocks are handled by the NTP the centralised logs location is a syslog server or in this case a remote syslog server implying that it is separate to the origination of the logs. 

In addition to the benefits already mentioned, remote syslog server allows to access logs for the systems that are already dead, decommissioned or replaced. 

Nutanix supports logs shipping to a remote syslog server. You can choose the module for which to receive the logs as well as severity of the messages. 

For configuration steps refer to KB-7250 How to Send Logs to a Remote Syslog Server

This topic has been closed for comments