Enable SYSLOGS Reception from Devices
- Navigate to the directory <avx_installed_path>/conf
-
Go to the appviewx.conf file using the following command to add the new
plugin to be installed:
$ vi appviewx.conf - Update SYSLOG_RECEIVER_ENABLED as TRUE and hosts where the logstash component
has to be installed.
-
If SYSLOG reception is enabled using an external VIP, configure the VIP
information in the configuration as shown below.
-
To enable Apache Kafka, update the following fields in the appviewx.conf
file:
- KAFKA_ENABLED=true
- KAFKA_HOST
- KAFKA_PORT
- KAFKA_TOPIC
- KAFKA_GROUP_ID
- Add plugins avx_platform_syslog and avx_platform_syslog_receiver to the ENABLED_PLUGINS list. Add the host details for them, too.
-
When you are done editing the fields, press the Esc key, then type
:wqto save and quit the file.$ appviewx --conf-sync -
Initialize the configuration change using the following command:
$ appviewx --initialize all -
To install configuration changes for the log plugin, execute the following
command:
$ appviewx --start plugins avx_platform_syslog $ appviewx --start plugins avx_platform_syslog_receiver $ appviewx --restart avx_platform_logs -
To enable syslog subscription from required vendor plugins, execute the
following command:
$ appviewx --restart plugins avx_vendor_f5 -
Check that the logs and vendor plugins have a status of running by executing
the following commands:
$ appviewx --status plugins avx_platform_logs $ appviewx --status plugins avx_vendor_f5 -
To reflect the SYSLOG configuration changes in vendor devices, perform a config
fetch in the inventory module for the required devices. Any new devices added
after enabling this SYSLOG configuration, are automatically registered in the
vendor devices.
The following plugins are associated with an elasticsearch:
- avx_platform_syslog
- avx_platform_syslog_receiver
Note: Make sure that these plugins are in an enabled state.