Syslog
Overview
The Syslog menu is used to configure external syslog forwarding for OneDB logs.
Administrators can use this menu to send OneDB log messages to an external syslog server or centralized logging platform. This helps organizations centralize log collection, support monitoring, simplify troubleshooting, and integrate OneDB events with security monitoring tools such as SIEM or log management platforms.
Main Functions
Administrators can use the Syslog menu to:
- Configure syslog server connection parameters
- Define syslog host and port
- Select the syslog transport protocol
- Select the syslog message format
- Save syslog forwarding configuration
- Send a test syslog message
- Verify the active syslog setting
- Support centralized logging and security monitoring
Syslog Configuration Page
The Syslog Configuration page contains three main areas:
| Section | Description |
|---|---|
| Syslog Parameters | Used to configure the external syslog destination and message format. |
| Test Syslog Connection | Used to send a test message to verify the syslog configuration. |
| Syslog Setting | Displays the saved syslog configuration and current status. |
Syslog Parameters
The Syslog Parameters section is used to configure the syslog destination for OneDB log forwarding.
Administrators must define the host, port, protocol, and message format before saving the configuration.
Syslog Parameter Fields
| Field | Description |
|---|---|
| Host | The hostname or IP address of the external syslog server. |
| Port | The port used by the external syslog server. The default syslog port is commonly 514. |
| Protocol | The transport protocol used to send syslog messages. Example: UDP. |
| Format | The syslog message format used by OneDB. Example: RFC5424. |
| Save Configuration | Saves the syslog configuration. |
Host
The Host field defines the destination syslog server address.
This can be an IP address or hostname, depending on the organization’s logging architecture.
Example:
192.168.10.50
syslog.company.localFor testing or local environments, 127.0.0.1 may be used when the syslog receiver is running on the same appliance or host environment.
Port
The Port field defines the destination port used by the syslog server.
Example:
514The port must match the listener port configured on the external syslog server.
Protocol
The Protocol field defines the transport protocol used for sending syslog messages.
Example:
| Protocol | Description |
|---|---|
| UDP | Sends syslog messages using UDP. This is commonly used for syslog forwarding. |
Available protocol options may vary depending on the OneDB version and enabled configuration.
Format
The Format field defines the syslog message format.
Example:
| Format | Description |
|---|---|
| RFC5424 | Sends syslog messages using the RFC5424 syslog message format. |
Available format options may vary depending on the OneDB version and syslog implementation.
Test Syslog Connection
The Test Syslog Connection section is used to send a test log message to the configured syslog server.
This helps administrators verify whether OneDB can send syslog messages successfully to the external destination.
Test Message
The Test Message field allows administrators to enter a custom test message.
Example:
Test syslog connection from OneDB.After entering the message, click Send Test Message.
Send Test Message
The Send Test Message button sends a sample log message to the configured syslog server.
Administrators should verify that the test message is received on the syslog server, SIEM, or log management platform.
Based on the current page note, test logs may be sent for all log levels, including:
| Log Level | Description |
|---|---|
| INFO | General informational log event. |
| WARN | Warning event that may require attention. |
| ERROR | Error event that may require investigation. |
Syslog Setting
The Syslog Setting section displays the saved syslog configuration.
This allows administrators to review the current syslog destination and forwarding status.
Syslog Setting Table
The Syslog Setting table may display the following information:
| Column | Description |
|---|---|
| Host | The configured syslog server address. |
| Port | The configured syslog server port. |
| Protocol | The configured syslog transport protocol. |
| Status | Indicates the current syslog configuration status. |
| Timestamp | The date and time when the syslog configuration was created or last updated. |
If no syslog configuration has been saved, the page may display:
How to Configure Syslog
- Open Systems.
- Select Syslog.
- Enter the syslog server Host.
- Enter the syslog server Port.
- Select the Protocol.
- Select the syslog Format.
- Click Save Configuration.
- Enter a test message in the Test Syslog Connection section.
- Click Send Test Message.
- Verify that the message is received by the external syslog server or centralized logging platform.
Recommended Practice
For production environments, syslog forwarding should be configured to send OneDB logs to a centralized logging platform or SIEM.
Recommended controls:
| Recommendation | Description |
|---|---|
| Use centralized logging | Forward OneDB logs to a central syslog, SIEM, or log management platform. |
| Validate connectivity | Send a test message after saving the syslog configuration. |
| Confirm log receipt | Verify that the external platform receives OneDB syslog messages. |
| Protect log data | Restrict access to syslog servers and log storage. |
| Monitor important events | Create alerts for errors, failed login attempts, and administrative changes. |
| Review configuration | Periodically verify that syslog forwarding is still active and properly configured. |
Important Notes
- The Syslog menu is used to configure log forwarding from the OneDB appliance to an external syslog destination.
- Since OneDB is delivered as an OVA-based appliance, syslog messages may include events generated by OneDB services, supporting application components, and other appliance-level activities depending on the configured logging scope.
- The syslog configuration should be validated by sending a test message and confirming that the external syslog server or SIEM receives the message.
- A successful test message only confirms that a test log can be sent to the configured destination. Administrators should also verify ongoing log forwarding during normal OneDB operation.
- Network routing, firewall rules, syslog server availability, protocol selection, and port configuration may affect syslog delivery.
- UDP-based syslog delivery does not guarantee message delivery. If the environment requires guaranteed delivery, administrators should follow the organization’s logging architecture and supported protocol options.
- Access to syslog configuration should be limited to authorized administrators because incorrect configuration may affect centralized log visibility.
