Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Syslog server choice

Adrian4
A model citizen
‎Nov 29 2023 2:15 AM
‎Nov 29 2023 2:15 AM

Syslog server choice

Hello,

I am looking at setting up a syslog server in AWS and it will most likely be going on a linux instance.

 

Does anyone have any recommendations for software? Ideally would like it to be free and as easy to setup as possible. 

(I am new to both Linux and setting up syslog servers.).

I see a lot of people use Kiwi but its only Windows. If that's really the best choice we can spin up a Windows instance but I'm told to try and avoid it 😛

Thanks!

0 Kudos
Subscribe
8 Replies 8
DarrenOC
Kind of a big deal
Kind of a big deal
‎Nov 29 2023 2:17 AM
‎Nov 29 2023 2:17 AM

unfortunately i've only used Kiwi for the free and easy piece and mainly for troubleshooting on the fly.  Spin it up, use the trial licence and then blow the instance away.  I've not seen a linux instance of a syslog server but i'm sure they exist.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
Subscribe
Adrian4
A model citizen
‎Nov 29 2023 2:23 AM
‎Nov 29 2023 2:23 AM

also - I see in the list of features for many of the options, they state the max number of log sources.....for Meraki, would the logs all come from the Meraki cloud so to speak and seem as one source? or would each individual device count as a source?

0 Kudos
Subscribe
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 29 2023 2:28 AM
‎Nov 29 2023 2:28 AM

The dude syslog is a great option.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
Brash
Kind of a big deal
Kind of a big deal
‎Nov 29 2023 3:29 AM
‎Nov 29 2023 3:29 AM

I've not had too much experience with free syslog servers but I've heard people liking Graylog

https://graylog.org/downloads/

Subscribe
Adrian4
A model citizen
‎Nov 29 2023 6:30 AM
‎Nov 29 2023 6:30 AM

does anyone know the answer to this?

I see in the list of features for many of the options, they state the max number of log sources.....for Meraki, would the logs all come from the Meraki cloud so to speak and seem as one source? or would each individual device count as a source?

0 Kudos
Subscribe
In response to Adrian4
alemabrahao
Kind of a big deal
Kind of a big deal
‎Nov 29 2023 6:38 AM
‎Nov 29 2023 6:38 AM

In the context of Cisco Meraki, each individual device such as MX Security Appliances, MR Access Points, and MS switches can be configured to send syslog messages to a syslog server. These devices generate different types of logs, including system logs, traffic logs, event logs, IDS alerts, URLs, and flows. Therefore, each device would count as a separate log source.

 

This might give the impression of a single source, but in reality, each device is a separate source of logs.

 

https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Server_Overv...

 

Please consult with your Cisco Meraki representative for the most accurate information as it can vary based on your specific network configuration.

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
In response to alemabrahao
Adrian4
A model citizen
‎Nov 29 2023 7:45 AM
‎Nov 29 2023 7:45 AM

cheers

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 29 2023 11:56 AM
‎Nov 29 2023 11:56 AM

Meraki has a walk-through for doing this.
https://documentation.meraki.com/General_Administration/Monitoring_and_Reporting/Syslog_Server_Overv... 

 

syslog-ng is the modern version of the traditional syslog daemon for Linux.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.