
Set up network syslog monitoring

Set up your network devices so they send syslog data to New Relic One.

Prerequisites

New Relic One account prerequisites

Linux host prerequisites

  • Docker installed in a Linux host.
  • SSH access to the Docker host, with the ability to launch new containers.

Network syslog devices prerequisites

Network security prerequisites

| Direction | Source | Destination | Ports | Protocol |
|-----------|--------|-------------|-------|----------|
| Outbound | Docker host | ktranslate image on Docker Hub | 443 | TCP |
| Outbound | Docker host | New Relic Log API endpoint: US Endpoint: https://log-api.newrelic.com, EU Endpoint: https://log-api.eu.newrelic.com | 443 | TCP |
| Inbound | Source devices for syslog data | Docker host | 5143 (default) | UDP |

Tip

The default listening port for ktranslate is 5143 (TCP/UDP). If you need to use the default syslog port of 514 (or any other port), provide a new listening endpoint when you run the Docker container. For example: -syslog="0.0.0.0:514".

Set up network syslog monitoring in New Relic One

  1. Go to one.newrelic.com and click Add more data.
  2. Scroll down until you see Network performance monitoring and click Syslog.
  3. Follow the steps in New Relic One.

[Figure: Syslog guided setup. one.newrelic.com > Add more data > Network performance monitoring > SNMP to set up SNMP data monitoring.]

If you prefer to do the setup manually, see the instructions below.

Tip

ktranslate handles syslog in the following formats: RFC3164, RFC5424, and RFC6587.

Investigate your device syslog messages in the New Relic One logs UI, using the following query:

"plugin.type":"ktranslate-syslog"
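
To check the listener before pointing production devices at it, the following added example (not part of the original New Relic documentation) builds test messages in the RFC3164 and RFC5424 formats, applies RFC6587 octet-counting for TCP, and sends them to the default port 5143. The Docker host address 192.0.2.10, the device name test-device and the tag selftest are constructed placeholders.

```python
import socket
from datetime import datetime, timezone

MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()

def pri(facility, severity):
    """PRI = facility * 8 + severity, as defined in RFC 3164 and RFC 5424."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    return facility * 8 + severity

def rfc3164(facility, severity, host, tag, msg, when):
    """BSD syslog: <PRI>Mmm dd hh:mm:ss HOST TAG: MSG (day is space-padded)."""
    ts = f"{MONTHS[when.month - 1]} {when.day:2d} {when:%H:%M:%S}"
    return f"<{pri(facility, severity)}>{ts} {host} {tag}: {msg}"

def rfc5424(facility, severity, host, app, msg, when):
    """<PRI>1 TIMESTAMP HOST APP PROCID MSGID STRUCTURED-DATA MSG, '-' = nil."""
    ts = when.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return f"<{pri(facility, severity)}>1 {ts} {host} {app} - - - {msg}"

def rfc6587_frame(message):
    """Octet-counting framing for TCP: the byte length, a space, the message."""
    body = message.encode("utf-8")
    return str(len(body)).encode("ascii") + b" " + body

def send_udp(message, host, port=5143):
    """One message per datagram; returns the number of bytes sent."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(message.encode("utf-8"), (host, port))

def send_tcp(message, host, port=5143):
    """Send one octet-counted message over TCP (needs TCP allowed inbound)."""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(rfc6587_frame(message))

if __name__ == "__main__":
    DOCKER_HOST = "192.0.2.10"  # placeholder: replace with your Docker host
    now = datetime.now(timezone.utc)
    # local7 (23) / informational (6); host and tag values are constructed
    send_udp(rfc3164(23, 6, "test-device", "selftest", "rfc3164 test", now), DOCKER_HOST)
    send_udp(rfc5424(23, 6, "test-device", "selftest", "rfc5424 test", now), DOCKER_HOST)
```

If the inbound rule and the listener are working, the test messages should appear under the query above.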

To get better visibility into your network device performance, set up SNMP data monitoring.

To get better visibility into how your network is being used, set up network flow data monitoring.

Copyright © 2022 New Relic Inc.