Configure a Syslog Notification Server

This topic provides instructions on how to configure a Syslog notification server. When enabled, Syslog provides auditing through the use of the RFC 5424 Syslog protocol. Syslog has proven to be an effective format to consolidate logs, as there are many open source and proprietary tools for reporting and analysis.

To configure Syslog as a notification server

  1. Go to netwitness_adminicon_25x22.png (Admin) > System.
  2. In the options panel, select Global Notifications.
  3. Click the Servers tab.
  4. From the netwitness_ic-adddrop.png drop-down menu, select Syslog.
    netwitness_definesyslognotification_532x450.png
  5. In the Define Syslog Notification Server dialog, provide the required information and click Save.

For details of the parameters and descriptions, see Define Notification Server Dialogs.

Note: If you select TCP SSL as the protocol, you must set the Server Port to 6514 unless any other
custom port forwarding mechanism is in place.