Quick start guide
In this guide, you will learn all the steps you need to take to start and configure Logmanager for the first time.
Logmanager is delivered as a rack server. For the installation you need to consider following details:
Hardware requirements for the mounting:
Variant | Dimensions | Power Supply | UTP cables |
---|---|---|---|
small Logmanager | 1U | 2x 230V | min. 2x UTP |
big Logmanager | 2U | 2x 230V | min. 2x UTP |
In case of cluster variant it is needed to count multiples of values in the table according to the number of connected nodes.
Connect to the server:
- 2x power cord (redundant power supply)
- UTP cable in the ethernet port 1
- UTP cable in the ethernet port iLO
Start the server now. Server is booted up about 5 minutes from the start.
Factory setting of the server is explained in chapter Factory settings.
-
Connect your PC to the same network as the Logmanager server is connected.
-
Set your IP address and mask, for example 192.168.0.29 and 255.255.255.0.
-
You can now log in to the web administration at the address:
https://<default_Logmanager_IP_address>/
default_Logmanager_IP_address is the factory IP address of your Logmanager server.
- Change the IP address according to your requirements according to chapter IP addresses.
- Now re-set the IP address of your PC, so that you can access the web administration of the Logmanager server again.
- Put the new IP address of your Logmanager server into your browser and log in again.
Default gateway is important for correct communication of the system in your network.
Now it is necessary to set it up, according to chapter Routes.
Set an IP address of your default gateway, which the Logmanager server will to use.
Setting the DNS servers is necessary for example to get additional info from your messages.
Proceed with the setting according to chapter DNS.
Add the addresses of the DNS servers Logmanager will use, and click the Apply button.
Time servers are important for correct functionality of the whole system. Every message stored to the Logmanager server has a timestamp, which will be shifted, if the system has a shifted time.
Set the NTP using the chapter NTP.
To send email messages from the Logmanager server, it is necessary to set the server to send the emails according to the chapter SMTP.
To test the SMTP server, click the test button.
If you own more Logmanager servers, which you want to connect to a cluster, see chapter Cluster.
By building a cluster, the nodes of the cluster are connected. Automatic synchronization between the cluster participants also happens. Setting has to be done on both nodes with identical name and password. IP address will always be the address of the second partner in the cluster.
Set user names, groups and their permissions.
If you are using user accounts in a domain, connect them using LDAP.
Use the chapter Users list.
Now you have to set all network devices to send their audit messages to Logmanager.
Select data sources from following chapters:
Devices that send audit messages through syslog, need to have IP addresses set in Logmanager server using the chapter IP prefix lists.
In most cases, it is enough to have the IP address in the prefix list for correct setting of the device.
- Click on
Logs ‣ Dashboards ‣ Log overview
in the left menu. - Filter messages stored in the database using the table Device IP.
- Check the table ALL EVENTS to see if the individual records are accordingly parsed and saved.
- In case of an incorrect classification of the device to the IP prefix list and a subsequent change, this change will only be used for new incoming messages.