Hello,
I am looking at setting up a syslog server in AWS and it will most likely be going on a Linux instance.
Does anyone have any recommendations for software? Ideally I would like it to be free and as easy to set up as possible.
(I am new to both Linux and setting up syslog servers.)
I see a lot of people use Kiwi but it's only Windows. If that's really the best choice we can spin up a Windows instance but I'm told to try and avoid it 😛
Thanks!
Unfortunately I've only used Kiwi for the free and easy piece and mainly for troubleshooting on the fly. Spin it up, use the trial licence and then blow the instance away. I've not seen a Linux instance of a syslog server but I'm sure they exist.
Also - I see in the list of features for many of the options, they state the max number of log sources... For Meraki, would the logs all come from the Meraki cloud, so to speak, and appear as one source? Or would each individual device count as a source?
The Dude syslog is a great option.
I've not had too much experience with free syslog servers but I've heard people liking Graylog.
Does anyone know the answer to this?
I see in the list of features for many of the options, they state the max number of log sources... For Meraki, would the logs all come from the Meraki cloud, so to speak, and appear as one source? Or would each individual device count as a source?
In the context of Cisco Meraki, each individual device such as MX Security Appliances, MR Access Points, and MS switches can be configured to send syslog messages to a syslog server. These devices generate different types of logs, including system logs, traffic logs, event logs, IDS alerts, URLs, and flows. Therefore, each device would count as a separate log source.
This might give the impression of a single source, but in reality, each device is a separate source of logs.
Please consult with your Cisco Meraki representative for the most accurate information as it can vary based on your specific network configuration.
cheers
Meraki has a walk-through for doing this.
https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Server_Overv...
syslog-ng is the modern version of the traditional syslog daemon for Linux.
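
A minimal syslog-ng receiver for the setup discussed in this thread, as an added example that is not from any of the posts above. It writes one directory per sending address, so the number of directories shows how many log sources the server actually sees. The `@version` value, UDP port 514 and the `/var/log/remote/` path are assumptions to adjust for your install.

```conf
@version: 3.38
# Constructed example. Assumptions: set @version to match the installed
# syslog-ng release; UDP 514 and /var/log/remote/ are illustrative choices.

options {
    create-dirs(yes);   # create the per-source directories on first message
};

# Listen for syslog messages sent by the network devices
source s_network {
    network(
        transport("udp")
        port(514)
    );
};

# One directory per sending IP address, one file per day
destination d_per_source {
    file("/var/log/remote/${SOURCEIP}/${YEAR}-${MONTH}-${DAY}.log");
};

log {
    source(s_network);
    destination(d_per_source);
};
```

Devices that reach the server through the same NAT address share one `${SOURCEIP}` directory, so count sources from the network path the logs really take.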