Documentation forKiwi Syslog Server

Configure input options in KSS NG

Configure input options to enable Kiwi Syslog Server NG to listen on the port and for the protocol used by your network devices. You can configure input options for UDP, TCP, secure TCP, SNMP, and SNMP credentials.

To configure input options, click Setup > Settings from the KSS NG navigation bar. Click Inputs.

Configure UDP input options

You can configure these options to listen for UDP syslog messages or change the UDP listening port.

  • Listen to UDP syslog messages — This option is selected by default to enable KSS NG to receive UDP messages.
  • Port — The default port for UDP syslog messages is 514. If you want to listen on a different port for UDP messages, you can enter any port value from 1 to 65535. If you change the port from 514, the device sending the syslog message must also be able to support the alternate port number.

    • KSS NG can listen for messages on only one UDP port.

Configure TCP input options

You can configure these options to listen for TCP syslog messages or change the TCP listening port.

  • Listen to TCP syslog messages — Select this option to enable KSS NG to receive TCP messages.
  • Port — The default port for TCP syslog messages is 1468. If you want to listen on a different port for TCP messages, you can enter any port value from 1 to 65535. If you change the port from 1468, the device sending the syslog message must also be able to support the alternate port number.

Configure secure TCP (TLS) input options

Some devices support sending secure syslog messages over the TCP channel with transport layer security (TLS). KSS NG supports Secure (TLS) Syslog (RFC 5425).

You can configure these options to listen for secure TCP (TLS) syslog message, change the listening port, assign a Windows certificate, and the TLS version to enable.

Name Description
Listen for secure TCP (TLS) syslog messages Select this option to enable KSS NG to receive secure TCP (TLS) messages.
Port The default port for secure TCP (TLS) syslog messages is 6514. If you want to listen on a different port for TCP messages, you can enter any port value from 1 to 65535. If you change the port from 6514, the device sending the syslog message must also be able to support the alternate port number.
Available Windows certificates

TLS relies on certificate-based authentication. A proper certificate has to be selected from certificate store before any client will be able to successfully connect to KSS NG using TLS-secured TCP channels. The Select Certificate dropdown allows you to browse local certificate stores and pickup a suitable certificate. The selected certificate is used to prove identity of KSS NG to the client. The server itself does not check client certificate and accepts TLS connection from any client.

Certificates that will be used by KSS NG have to be installed into the Local Machine certificate store. Use the Microsoft Management Console to install certificates.

The type of certificate and configuration of public key infrastructure (PKI) is device-specific. See the manufacturer documentation.

Enabled protocols Check the TLS protocols you want to enable for KSS NG to receive messages.

Configure SNMP input options

You can configure these options to listen for SNMP traps or change the UDP listening port.

  • Listen for SNMP traps— Select this option to enable KSS NG to receive SNMP traps.
  • Port — Specify the UDP port that listens for SNMP traps. IPv4 Traps are usually sent to port 162. A value between 1 to 65535 can be entered here. If you choose a value other than 162 or 163, make sure the device sending the trap is also sending to the specified port.

Configure SNMP credentials

SNMP adds security and remote configuration enhancements. You can configure these options to set up your credentials in order to listen for SNMP traps.

Column name Description
Username The username that is specified in the device. It must be a unique value.
Authentication Password The password used to authenticate that the traps are coming from a valid source.
Authentication Algorithm The algorithm used to authenticate that the traps are coming from a valid source. The algorithm is set to MD5 or SHA.
Privacy Password The password used to perform data encryption on the incoming traps.
Privacy Algorithm The algorithm used to perform data encryption on the incoming traps. The algorithm is set to AES or DES/3DES.
Security Level

Security level follows any of the communication mechanisms:

  • No security — No authentication is required and does not include encryption.
  • Authentication only — Authentication is required and does not include encryption.
  • Authentication and Privacy — Authentication and encryption are both required.

Once finished configuring input options, click Apply to save your changes.