System Log Optional Configurations
Configure Syslog Ports
By default, Paragon Insights listens for system log (syslog) messages from all device groups on UDP port 514. You can change the system-level syslog port, as well as configure one or more ports per device group. The more specific device group setting takes precedence over the system level setting.
To change the system-level syslog port:
- Click Configuration > Data Ingest > Settings in the left navigation bar.
- Select the Syslog tab on the left side of the page.
- On the Syslog Settings page, edit the port number.
- Click Save & Deploy.
To configure a syslog port for a device group:
Go to the Configuration > Device Group page and click on the name of a device group.
Click the Edit (Pencil) icon.
In the Edit Device Group window, click Advanced > Ports caret.
Enter the port(s) in the Syslog Ports field.
Click Save & Deploy.
Configure Syslog Time Zone
When a device exports structured syslog messages, time zone information is included within the message. However, unstructured syslog messages do not include time zone information. By default, Paragon Insights uses GMT as the time zone for a device. In these cases, you can assign a time zone to a device or device group within Paragon Insights.
To configure a device’s time zone at the device level:
Configure Host Name Aliases for a Device
When a device has more than one host name, such as a device with dual REs, syslog messages can arrive at the Paragon Insights server with a host name that is not the device’s main host name. In these cases, you can add host name aliases for that device.
If you add a device in Paragon Insights using its IP address, you must also add the host name that will appear in the syslog messages.
To configure additional hostname aliases: