Documentation forSolarWinds Platform

Monitor Syslog messages

This SolarWinds Platform topic applies to the following products if you are NOT using the Orion Log Viewer to monitor syslogs.

DPAIMNAMNCMNPMNTASAMSRMVNQM

Syslog messages are received by the SolarWinds Log Manager for Orion Syslog Service, which listens for incoming messages on UDP port 514. Received messages are decoded and stored in the Log Analyzer Database. The SolarWinds Log Manager for Orion Syslog Service can handle large numbers of simultaneously incoming Syslog messages from all your monitored devices.

To view Syslog messages in the SolarWinds Platform Web Console, click Alerts & Activity > Syslog.

Monitored Syslog messages will open in the SolarWinds Platform Log Viewer.

See View logs and events with the SolarWinds Platform Log Viewer.

Scalability

A SolarWinds installation can process approximately 1000 events (syslogs, traps, Windows Events, log files, or VMWare events) per second. See Log Analyzer Scalability in the Scalability Engine Guidelines. You can process more by increasing your hardware requirements over the minimum requirements.

Before you begin

  • Confirm that your network devices are configured to send Syslog messages to the SolarWinds Platform server IP address. For proper configuration of network devices, refer to the documentation supplied by the device vendor.
  • Ensure UDP port 514 is open for IPv4 and IPv6.
  • The message should be formatted according to the Request for Comments (RFC) requirements.