Forward Analytics Events to Syslog
How to forward Analytics Events to Syslog
Follow the steps in this guide to set up a NGINX Controller Integration that forwards events to a syslog server.
This guide assumes that you already have a working instance of any syslog server.
If you haven’t already done so, you can use an open-source version of Syslog-NG.
You will also need to Create an Integration for your Syslog forwarder.
Take the following steps to create a Forwarder for Splunk:
- Open the NGINX Controller user interface and log in.
- Select the NGINX Controller menu icon, then select Platform.
- On the Platform menu, select Data Forwarders.
- On the Data Forwarders menu, select the Create Data Forwarder quick action.
- Add a name.
- (Optional) Add a display name.
- (Optional) Add a description.
- Select your Integration Reference from the dropdown menu or select Create New to create a new Integration.
- In the Collector Type list, select
- In the Source list, select the type of data to forward:
events. NGINX Controller can forward only
EVENTSdata to syslog.
- In the Output Format list, select
- The Selector field consists of the following query parameters (optional):
filter: The conditions to use to refine the metrics or events data.
- Example usage:
"filter=type='security violation' AND app='my-app'"
- (Optional) Add additional Streams as required using the Add Stream button.
- Refer to Troubleshooting Forwaders for tips on resolving common issues.
This documentation applies to the following versions of NGINX Controller: 3.0, 3.1, 3.2, 3.3, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10, 3.12, 3.13, 3.14, 3.15, 3.16.1, 3.17 and 3.18.