Litmus Edge Manager event monitoring with external Syslog Servers

A guide to connect LEM with a Syslog server.

Objective

Devices such as servers like Litmus Edge Manager, as well as firewalls, and routers generate logs about events and statuses, and trying to track all that information is challenging.

Using syslog, in tandem with a syslog server, provides a way to easily review and manage those logs for any IT environment.

The syslog protocol has been used for decades as a way to transport messages from Devices to a logging server, typically known as a syslog server.

Due to its longevity and popularity, the syslog protocol has support on most major operating systems, including Linux which is the core behind Litmus Edge Manager.

Syslog provides a standardized way for server to send messages and log events.A syslog message contains the following elements:

    • Header
    • Structured data
    • Message

The header includes information about:

    • the version
    • time stamp
    • host name
    • priority
    • application
    • process ID
    • and message ID

The structured data comprises data blocks in a specific format, which is followed by the log message.

Log messages should be encoded using the 8-bit Unicode Transformation Format (UTF-8). The content of the message is apart from this recommendation highly flexible and can be configured based on individual needs. Which is what makes syslog so popular and effective.

By default, 6 severity levels exist (0 = Emergency, .. , 5 = Warning) plus additional options for informational messages (level 6) and debugging (level 7).

What Is Syslog Server?
Syslog servers are used to collect syslog messages in a single location. And allows the user to both collect the syslog messages and view and filter them.

As Automation gains more and more importance, with the right syslog server, users can configure alerts to notify them of problems coming through syslog. It is also possible to set up other types of responses to messages, such as running scripts, forwarding messages, and logging to a file or create scheduled reports.

As one limitation of the Syslog protocol, Syslog only supports sending messages to a defined location, your Syslog server,  when certain events happen.

To allow customers to benefit from using a Syslog Server and integrating into their IT monitoring environment, Litmus includes with this crucial capability with its Litmus Edge Manager Syslog Integration.

This guide will show based on two examples (Graylog, Nagios LS), how LEM can send Syslog messages to a Syslog Server.

Example Use Case
  • Searching through Logs based on conditions like source, time or severity
  • Sorting and Enriching Logs
  • Streaming messages to route them to the right consumer
  • Processing logs based on rules
  • Visualization
  • Create Alerts and Notifications
  • Create reports like for Audits
  • Archiving of logs
Basic Attributes
  • Supported Litmus Edge versions
    LEM 2.14.x and above
  • Litmus Edge modules used
    LEM Syslog
  • Relevant Non Litmus Software
    any Syslog server supporting Syslog over UDP and Linux
  • Technologies used
    Syslog protocol
Product Category
Knowledge Prerequisites

To successfully be able to use this guide, the user is expected to be knowledgeable about:

Additional Information
Version Information
  • Supported Litmus Edge versions
    LEM 2.14.x and above
  • Last updated
    2023-08-16

You May Also Be Interested In

© Copyright 2023 Litmus Automation Inc. All Rights Reserved. Legal

Consent Preferences