Submit a ticketCall us

Don’t fall victim to a ransomware attack
Backups are helpful, but sometimes that’s not enough to protect your business against ransomware. At our live webcast we will discuss how to protect against ransomware attacks with SolarWinds® Patch Manager and how to leverage log data to detect ransomware. Register now for our live webcast.

Home > Success Center > User Device Tracker (UDT) > UDT Administrator Guide > Monitor syslog messages > Forward syslog messages

Forward syslog messages

Table of contents
No headers
Created by Steven Bansil_ret, last modified by Steven Bansil_ret on Feb 01, 2017

Views: 15 Votes: 0 Revisions: 2

The Syslog message forwarding action forwards received syslog messages. Additionally, if you have WinPCap version 3.0 or higher installed on your SolarWinds UDT server, you can forward Syslog messages as spoofed network packets. The following procedure configures available options for forwarded Syslog messages.

The following procedure assumes you are editing a Forward the Syslog Message alert action. For more information about Syslog alert actions, see Configure syslog viewer filters and alerts.

  1. Provide the host name or IP address of the destination to which you want to forward the received Syslog message.
  2. Provide the UDP Port you are using for syslog messaging.

    The default is UDP port 514.

  3. If you want to retain the IP address of the source device, complete the following steps:
    1. Check Retain the original source address of the message.
    2. If you want to designate a specific IP address or host name as the syslog source, check Use a fixed source IP address (or host name), and then provide the source IP address or host name.
    3. If you want to spoof a network packet, check Spoof Network Packet, and then select an appropriate Network Adapter.
    4. Click OK to complete the configuration of your syslog forwarding action.
Last modified
18:06, 31 Jan 2017