Chat now with support
Chat with Support

syslog-ng Store Box 6.1.0 - Administration Guide

Preface Introduction The concepts of SSB The Welcome Wizard and the first login Basic settings User management and access control Managing SSB Configuring message sources Storing messages on SSB Forwarding messages from SSB Log paths: routing and processing messages Configuring syslog-ng options Searching log messages Searching the internal messages of SSB Classifying messages with pattern databases The SSB RPC API Monitoring SSB Troubleshooting SSB Security checklist for configuring SSB

Configuring a time (NTP) server

The following describes how to retrieve the date automatically from a time server.

Caution:

It is not recommended to change the timezone, because logspace rotation is based on your currently configured local timezone. If you change the timezone, you will not be able to search in your previously stored logs. Before changing the timezone, contact our Support Team.

To retrieve the date automatically from a time server

  1. Select your timezone in the Timezone field.

  2. Enter the IP address of an NTP time server into the Address field.

  3. Click Commit.

  4. Click the and icons to add new servers or delete existing ones.

SNMP and e-mail alerts

You can configure e-mail and SNMP alerts on the Basic Settings > Management page.

Figure 26: Basic Settings > Management — Configure SNMP and e-mail alerts

Configuring e-mail alerts

The following describes how to configure e-mail alerts.

To configure e-mail alerts

  1. Navigate to Basic Settings > Management > Mail settings.

  2. Enter the IP address or the hostname of the mail server into the SMTP server address field.

    Figure 27: Basic Settings > Management > Mail settings — Configure e-mail sending

  3. Enter the e-mail address where you want to receive e-mails from into the Send e-mails as field. This can be useful for e-mail filtering purposes. SSB sends e-mails from the address provided here. If no e-mail address is entered, e-mails will be sent from the default e-mail address.

  4. Enter the e-mail address of the administrator into the Administrator's e-mail address field. SSB sends notifications related to system-events (but not alerts and reports) to this address.

  5. Enter the e-mail address of the administrator into the Send e-mail alerts to field. SSB sends monitoring alerts to this address.

  6. Enter the e-mail address the person who should receive traffic reports from SSB into the Send reports to field. For details on reports, see Reports.

    Caution:

    To get alert e-mails, provide an e-mail address in this field. Sending alerts fails if these settings are incorrect, since the alerting e-mail address does not fall back to the administrator's e-mail address by default.

  7. Click Commit.

  8. Click Test to send a test message.

    If the test message does not arrive to the server, check if SSB can access the server. For details, see Troubleshooting SSB.

  9. Navigate to Basic Settings > Alerting & Monitoring and select in which situations should SSB send an e-mail alert. For details, see Configuring system monitoring on SSB.

  10. Click Commit.

Configuring SNMP alerts

SSB can send alerts to a central monitoring server via SNMP (Simple Network Management Protocol).

To configure SNMP alerts

  1. Navigate to Basic Settings > Management > SNMP trap settings.

  2. Enter the IP address or the hostname of the SNMP server into the SNMP server address field.

    Figure 28: Basic Settings > Management > SNMP trap settings — Configure SNMP alerts

  3. Select the SNMP protocol to use.

    • To use the SNMP v2c protocol for SNMP queries, select SNMP v2c, and enter the community to use into the Community field.

    • To use the SNMP v3 protocol, select SNMP v3 and complete the following steps:

      Figure 29: Basic Settings > Management > SNMP trap settings — Configure SNMP alerts using SNMPv3

    1. Enter the username to use into the Username field.

    2. Enter the engine ID to use into the Engine ID field. The engine ID is a hexadecimal number at least 10 digits long, starting with 0x. For example 0xABABABABAB.

    3. Select the authentication method (SHA1) to use from the Authentication method field.

    4. Enter the password to use into the Authentication password field.

    5. Select the encryption method (Disabled or AES) to use from the Encryption method field.

      The supported AES method is AES-128.

    6. In the case of AES, enter the encryption password to use into the Encryption password field.

    NOTE:

    SSB accepts passwords that are not longer than 150 characters. The following special characters can be used: !"#$%&'()*+,-./:;<=>?@[]^-`{|}

  4. Click Commit.

  5. Navigate to Basic Settings > Alerting & Monitoring and select in which situations should SSB send an SNMP alert. For details, see Configuring system monitoring on SSB.

  6. Click Commit.

Related Documents