Site Navigation

Getting Started

Important Moderation Notice

This community is currently under full moderation, meaning all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you will receive an email outlining the reason(s). We have implemented full moderation to control spam. Thank you for your patience and participation.

Top Liked Posts

Categories

Related Posts

how to send alarm logs to two remote collectors?

We wish to export alarm logs from the An..
Read More

Setup Analytics cluster in EVE-NG for Proof of Concept

I have an issue in getting the Versa Dir..
Read More

how to send alarm logs to two remote collectors?

iahi
iahi
in Versa Analytics

We wish to export alarm logs from the Analytics log collectors to 2 different remote log collectors. We've created 2x rules. The alarm-log is referenced in both rules. However, the first rule is always matched and logs are therefore never forwarded to both platforms. Only the platform matching the 1st rule receives the logs.

What is the best way to send the alarm-logs to both remote collectors?

Comments

  • Andrey
    Andrey

    Hi iahi,


    I think you can use Remote Collector Group with both external collectors in your Remote Profile, which is used in the first export rule. Hope this should help.

  • Sheik
    Sheik

    We should use the Collector-Group-List option in the Remote Profile instead of configuring 2 Rules. Please follow the below steps to send the logs to both nodes.

    1. Create Remote Collector for each collector node.
    2. Create Remote Collector Group for each collector node. 
    3. Create Remote Profile and Associate the both Remote collector Group in the Collector-Group-List option.
    4. In the Exporter rule associate the Remote Profile created in step3. 

    Now logs must be exported to both remote collectors. 

    Sample configuration:

    set log-collector-exporter remote templates syslog-template type syslog

    set log-collector-exporter remote collectors Remote-Collector-1 description External

    set log-collector-exporter remote collectors Remote-Collector-1 destination-address 192.168.21.1

    set log-collector-exporter remote collectors Remote-Collector-1 destination-port 514

    set log-collector-exporter remote collectors Remote-Collector-1 transport udp

    set log-collector-exporter remote collectors Remote-Collector-1 template syslog-template

    set log-collector-exporter remote collectors Remote-Collector-2 description External

    set log-collector-exporter remote collectors Remote-Collector-2 destination-address 192.168.23.3

    set log-collector-exporter remote collectors Remote-Collector-2 destination-port 514

    set log-collector-exporter remote collectors Remote-Collector-2 transport udp

    set log-collector-exporter remote collectors Remote-Collector-2 template syslog-template

    set log-collector-exporter remote collector-groups RC-Group1 collectors [ Remote-Collector-1 ]

    set log-collector-exporter remote collector-groups RC-Group2 collectors [ Remote-Collector-2 ]

    set log-collector-exporter remote profiles RC-Profile collector-group-list [ RC-Group1 RC-Group2 ]

    set log-collector-exporter exporter rules alarms match local-collector collector1

    set log-collector-exporter exporter rules alarms match log-types [ alarm-log ]

    set log-collector-exporter exporter rules alarms set remote-collector-profile RC-Profile

Sign In or Register to comment.
/* */