Skip to content

Syslogd Intro

Overview

The Unified Assurance Event Syslog Aggregator is a generic syslog message listener that receives messages from devices, parses the results with customizable rules and creates de-duplicated events within Unified Assurance.

This page provides you with a basic overview. For more details refer to: Unified Assurance Event Syslog Aggregator Advanced

Syslog Aggregator Setup

  1. Review the logic in the rules files referenced in the configuration to see the processing that will be done when syslogs are received:

    • "LoadRules" will be run during application startup to load data that might be needed during processing.

    • "IncludeRules" will be read during application startup to load additional files that might be called during processing.

    • "BaseRules" will be run for each syslog that is received.

    Update the logic as needed.

  2. Enable the default Service, unless a specific configuration option is needed.

    Configuration -> Broker Control -> Services