Flowmon
This procedure demonstrates the GUI configuration of Flowmon for all available syslog messages.
If you are interested in advanced Flowmon integration with Logmanager, please go to Flowmon - advanced integration.
- Let’s start by bringing up Configuration Center from main Flowmon GUI.
Flowmon GUI
- Selecting System from the left menu list followed by selection of System settings from top tabs, you will be presented with configurable options. You need to select option “Syslog Event Logging”, enable the “Use syslog event logging”, add the new syslog destination server and save the configuration.
Flowmon system settings
- On the same page click the “Configure Syslog Message” button, enable all and save configuration in this pop-up window as well as in the whole page configuration.
Logging Settings
- If you use Flowmon ADS, it is necessary to also configure log dispatch from this application. Configure two new syslog destinations for Flowmon ADS logs (first for perspective: Operational issues and second for perspective: Security issues) in Menu: Flowmon ADS / Processing / Event Reporting / Syslog as in the screenshot below and save the configuration.
Syslog settings
- For the best Flowmon dashboard results, create a new alert from alert template „Flowmon_log_enhancement“. In this alert, please specify your Flowmon ADS IP address or domain name to a prepared variable with the name “My_flowmon_hostname” and enable this alert.
- Automatic classification on Logmanager will recognize various Flowmon logs and parse them accordingly. Once the first few logs from Flowmon arrive, you should see them in Flowmon specific dashboard on Logmanager.
Edit prefix list
- We are done by clicking the Save button.