Enable Syslog on the ProxySG/ASG
search cancel

Enable Syslog on the ProxySG/ASG

book

Article ID: 166081

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

You would like to know the steps needed to enable Syslog on the Edge SWG (ProxySG). 
 

Resolution

Syslog is an event-monitoring scheme that is especially popular in Unix environments. Sites that use Syslog typically have a log host node, which acts as a sink for several devices on the network. You must have a Syslog daemon operating in your network to use Syslog monitoring. The Syslog format is: Date Time Hostname Event.

To enable Syslog Monitoring from the Management Console (https://<ip.address.of.proxysg:8082>):

  1. Select the Maintenance tab > Event Logging > Syslog tab
  2. Click on the New button.  Enter the domain name or IP address of your log host server in the Loghost field and click on the OK button.
  3. Check the Enable Syslog check box and click Apply

To enable Syslog Monitoring from the CLI, use the following commands:

SGOS>
SGOS>enable
Enable password:
SGOS#config t
SGOS#(config)event-log
SGOS#(config event-log)syslog loghost loghost
SGOS#(config event-log)syslog enable
  ok

In versions 7.3.8.1 and later the above command is deprecated. Use 'default syslog' under 'notifications' to enable it.

SGOS>
SGOS>enable
Enable password:
SGOS#config t
ProxySG#(config)event-log
ProxySG#(config event-log)notifications
ProxySG#(config event-log notifications)default syslog enable
  ok

Note: The Syslogs will now be written to the loghost server you specified.