Sorry, I've been OOO. I'm not an expert on syslog, but in every ATS deployment I am aware of, there is a distinct infrastructure for shipping logs back to a consolidation point. ATS itself used to do this with what wt in as called "log collation" but in practice no real deployment used it and so it was removed.
On Tue, Aug 11, 2020 at 3:37 AM Trilok Nathreddy <[email protected]> wrote: > Alan, > > Please if you can advise ? > > On Wed, Aug 5, 2020 at 5:46 PM Trilok Nathreddy <[email protected]> wrote: > >> Alan, >> >> The system logs are stored in /var/logs locally so can these be exported >> to remote syslog servers or we need any shippers for these too? >> >> Regards >> Trilok >> >> >> On Wed, Jul 22, 2020 at 8:05 AM Alan Carroll < >> [email protected]> wrote: >> >>> I haven't seen anything directly log to an external platform. That said, >>> it is possible to have ATS logging write to a pipe then put a process on >>> the other end of that pipe that does the logging to the external system. >>> That's been used here to send ATS log entries directly to Kafka. Building >>> on top of this, you can use logging.yaml to create multiple log output >>> objects and log different results to each of them. >>> >>> On Tue, Jul 21, 2020 at 1:22 AM Trilok Nathreddy <[email protected]> >>> wrote: >>> >>>> >>>> I have a question if using >>>> ATS can we directly log to external SIEM platforms eg splunk? also >>>> what if if we wanted to direct system /error logs to different solution and >>>> event/access logs to different solutions? >>>> >>>> regards >>>> Trilok Reddy >>>> >>>
