Flowmon

This procedure demonstrates the GUI configuration of Flowmon for all available syslog messages. If you are interested in advanced Flowmon integration with Logmanager, please go to Flowmon - advanced integration.

1. Let’s start by bringing up Configuration Center from main Flowmon GUI.

   

2. Selecting System from left menu list followed by selection of System settings from top tabs, you will be presented with configurable options. You need to select option “Syslog Event Logging”, enable the “Use syslog event logging”, add the new syslog destination server and save the configuration.

   

3. On the same page click on the “Configure Syslog Message” button, enable all and save configuration on this pop-up window as well as on whole page configuration.

   

4. If You use Flowmon ADS, it is necessary to configure log dispatch also from this application. Please, configure two new syslog destinations for Flowmon ADS logs (first for perspective: Operational issues and second for perspective: Security issues) in Menu: Flowmon ADS / Processing / Event Reporting / Syslog as in the screenshot below and save the configuration.

   

5. For the best Flowmon dashboard results, please create new alert from alert template „Flowmon_log_enhancement“. In this alert, please specify Your Flowmon ADS IP address or domain name to prepared variable with name “My_flowmon_hostname” and enable this alert.
6. Automatic classification on the Logmanager will recognize various Flowmon Logs and parse them accordingly. Once first logs from Flowmon arrive, you should see them in Flowmon specific dashboard on Logmanager.

   

7. We are done by clicking on the Save button.