Configuring Remote Log Forwarding (Syslog)#
VergeOS can be configured to forward logs to a remote Syslog server, an important capability for organizations leveraging log aggregation for centralized management, log archival, and compliance.
Log Retention
Logged activity is typically available within the VergeOS user interface for a maximum of 45 days. Configure remote log forwarding to retain logs for longer periods.
Prerequisites#
- Network connectivity between VergeOS and the remote syslog server
- Appropriate firewall rules to allow syslog traffic (typically port 514)
- Access to VergeOS System Settings
Configuration Steps#
To configure log forwarding to a remote syslog server:
1. Navigate to Advanced Settings#
From the Main Dashboard, navigate to System > Settings > Advanced Settings.
2. Configure the Remote Syslog Server#
- Under the "Setting" column heading, type
syslogand press ++enter++ to search - Select and edit Remote syslog server (tcp: @@name/ip:port, udp: @name/ip:port)
- Configure this setting according to the syntax expected by your remote server:
Server Configuration Examples
- For TCP:
@@10.10.10.10:514 - For UDP:
@10.10.10.10:514
- Click Submit at the bottom of the page to save
3. Configure the Format Template#
- Search for
syslogagain in the settings - Select and edit Template to define for syslog server (See rsyslog for format)
- Enter a syslog template format that is compatible with your remote syslog server
Template Example
Note
Replace your-hostname-here with your actual hostname, or leave as .HOSTNAME_HERE to use the default system hostname.
- Click Submit at the bottom of the page to save the format
Additional Resources#
For more information on syslog templates and formatting options, visit the Rsyslog Documentation.
Verification#
After completing the configuration, logs will begin forwarding to the specified syslog server. Check your remote server logs to verify that VergeOS logs are being received successfully.