Submit a ticketCall us

WebinarDatabase Roundtable – Expert Database Professionals Feel Your Pain

In this video broadcast, Head Geek™ Tom LaRock is joined by Karen Lopez, Tim Chapman, and David Klee. They’ve known each other for many years, so this discussion was like four friends getting together to talk data and databases. They discussed diagnostic data collection, common performance root causes, reactive tuning versus proactive, and more. Join us for an engaging discussion on these topics! Plus, Tom LaRock will be available to answer your questions live.

Register now.

Home > Success Center > Log & Event Manager (LEM) > Log & Event Manager (LEM) Documentation > LEM Administrator Guide > Set up a separate syslog server for use with LEM

Set up a separate syslog server for use with LEM

Table of contents
No headers

Updated: September 28, 2018

This topic describes how to add a separate syslog server to LEM. The LEM VM includes a syslog server, but you can add a separate syslog server.

This procedure uses the Node Health widget in the Ops Center to set up your syslog server. You can also click "Add Nodes to Monitor" in the Getting Started widget to set up your syslog server.

You can monitor your switches, routers, and firewalls using a syslog server. This server collects and sends syslog messages from non-Agent devices to the LEM Manager over TCP or UDP. Log & Event Manager uses this information to monitor syslog events and displays all events in the Monitor view.

Each device is paired with a connector, enabling Log & Event Manager to parse messages from the syslog server and normalize the log message content to a LEM event.

  1. Open the LEM console. See Log in to the LEM web console or Log in to the LEM desktop console for steps.

  2. On the LEM toolbar, click Ops Center, and then locate the Node Health widget.

  3. In the widget toolbar, click Add Node.

    File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/0400-Set_up_a_separate_syslog_server_for_use_with_LEM/lem_qsg_add_syslog_node5.png

  4. On the Specify Nodes to Add screen, select Syslog node.

    File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/0400-Set_up_a_separate_syslog_server_for_use_with_LEM/lem_qsg_add_syslog_node8.png

  5. Enter your syslog server IP address. This device will send syslog event logs to the LEM Manager.

    File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/0400-Set_up_a_separate_syslog_server_for_use_with_LEM/lem_qsg_add_syslog_node1.png

  6. From the drop-down list, select the node vendor.

  7. Follow the instructions in the window to configure your node and send syslog messages to the LEM appliance.

    File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/0400-Set_up_a_separate_syslog_server_for_use_with_LEM/lem_qsg_add_syslog_node2.png

    If you need help enabling syslog, click the vendor link.

    If the vendor is not in the list, click Other vendors to access the SolarWinds Knowledge Base.

    File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/0400-Set_up_a_separate_syslog_server_for_use_with_LEM/lem_qsg_add_syslog_node3.png

  8. After you configure the node, select the check box in the window, and then click Next.

    File:Success_Center/Reusable_content_-_InfoDev/LEM/Log_and_Event_Manager_Administrator's_Guide/LEM_Administrator's_Guide/0400-Set_up_a_separate_syslog_server_for_use_with_LEM/lem_qsg_add_syslog_node4.png

    The wizard locates the new node and recommends the appropriate connector.

    Connectors enable Log & Event Manager to parse messages from syslog devices and normalize the original log message content to a LEM event.

    If the LEM virtual appliance receives logs from the new device, it automatically detects and presents the device name or IP address.

  9. To confirm the device is identified correctly, click Finish.

    The syslog node displays in the Node Health widget.

  10. (Optional) Based on your LEM deployment architecture, repeat this procedure to add a second syslog server in a multiple location deployment with two or more syslog servers.
Last modified

Tags

Classifications

Public