Scanner Appliance Syslog Forwarding

You can automatically have scan related syslog messages (/var/log/messages syslog stream) forwarded from your scanner appliances to a remote syslog server that you define. Only scan status messages are forwarded (See example below). General system
logs will not be forwarded. This feature can be enabled for the subscription by any user with a Manager user role. Once enabled, syslog forwarding is on for all scanner appliances (virtual and physical) currently in the subscription and for new scanners that get added later.

Prerequisites

• The remote syslog server you configure must be reachable from the scanner’s LAN, native VLAN or WAN gateways.
• You must be a Manager user to enable Syslog Forwarding.

Enable Syslog Forwarding

Perform the following steps to enable syslog forwarding:

1. Open a browser and go to the platform URL where your account is located. Login to your account. A Manager account is required.
2. Select VM/VMDR or PC from the application picker. Then go to Scans > Setup > Syslog Forwarding.

   

3. Select the Enable Syslog Forwarding and provide details for the remote syslog server, including the protocol (TCP or UDP), port number (default is 514), and either the IP address (IPv4 or IPv6) or DNS hostname. Then click Save.

   

Syslog message example:

Related Topic

Troubleshooting