Set up your network devices so they send syslog data to New Relic.
New Relic prerequisites
- A New Relic account. Don't have one? Sign up for free! No credit card required.
- A New Relic account ID.
- A New Relic license key.
Linux host prerequisites
- SSH access to the host
- Access to install/remove applications and services
- Network access as defined in the network prerequisites
callout.Host-based SNMP trap receiver
To receive syslogs, KTranslate must bind to UDP 514. In a host-based install, the following command will be included during the install process. When executed, KTranslate will be run with elevated privileges.
sudo setcap cap_net_bind_service=+ep /usr/bin/ktranslate
If deployed to Docker
- Docker installed in a Linux host
- Ability to launch new containers via command line
Network syslog devices prerequisites
- Configured network devices to send syslog to the host running the ktranslate docker container. Here's how to configure network syslog data collection in some devices:
- Checkpoint - Security Gateway. You must sign in to the User Center/PartnerMAP checkpoint.
- Cisco - ASA
- Cisco - IOS
- Cisco - Meraki
- Cisco - NX-OS
- F5 - BIG-IP
- Fortinet Fortigate
- Juniper - Junos
- Palo Alto - PAN-OS
Network security prerequisites
Docker host only
Linux or Docker host
Source devices for syslog data
Linux or Docker host
Linux host only
packagecloud.io for downloading rpm or deb packages (not required for Docker-based install)
The default listening port for ktranslate is port
5143 (TCP/UDP). To use the more common syslog port of
514, our guided install redirects traffic into the Docker container with the flag
-p 514:5143/udp. To bind the listener to a port above
-syslog.source="0.0.0.0:<port>" to the end of the run command instead.
Set up network syslog monitoring in New Relic
- Go to one.newrelic.com > Add more data.
- Scroll down until you see Network and click Syslog.
- Follow the steps outlined in the New Relic UI. The available installation methods are Docker or Linux package manager.
one.newrelic.com > Add more data > Network > Syslog to set up Syslog data monitoring.
Here's a short video (2:56 minutes) showing how to set up network syslog monitoring:
If you prefer to do the setup manually, see the instructions below.
Did this doc help with your installation?
Investigate your device syslog messages in the New Relic logs UI, using the following query:
To get better visibility into your network device performance, set up SNMP data monitoring.
To get better visibility into how your network is being used, set up network flow data monitoring.