Skip to content

Assure1 Event Syslog Aggregator Basics

Overview

The Assure1 Event Syslog Aggregator is a generic syslog message listener that receives messages from devices, parses the results with customizable rules and creates de-duplicated events within Assure1. This pages provides you with a basic overview. For more details refer to: Assure1 Event Syslog Aggregator Advanced

Syslog Aggregator Setup

  1. Review the logic in the rules files referenced in the configuration to see the processing that will be done when syslogs are received:

    • LoadRules will be executed during application startup to load data that might be needed during processing.

    • IncludeRules will be read during application startup to load additional files that might be called during processing.

    • BaseRules will be executed for each device that is selected based on the configuration.

    Update the logic as needed.

  2. Enable the default Service, unless a specific configuration option is needed.

    Configuration -> Broker Control -> Services