Send a syslog message in the Orion Platform
This topic applies to all Orion Platform products except for the following products:
EOC — ETS — WPM
Starting with Orion Platform 2019.2, you can encrypt syslog messages using TCP or TCP/TLS protocols.
- When editing or adding an alert, click Add Action in the Trigger or Reset Action section of the Alert Wizard.
- Select the Send a Syslog Message option, then click Configure Action.
- Under Send a Syslog message settings:
Enter the Hostname or IP Address of the syslog server in the field provided.
Multiple syslog servers should be separated by commas.
- Select a protocol. By default, UDP is selected. Ensure that appropriate ports are open:
Protocol Port to open UDP 514 TCP 1468 TCP/TLS 6514
To specify a different port, provide it directly in the Hostname/IP Address field above.
For example: 22.214.171.124:500 sends a syslog message to 126.96.36.199, port 500.
- If you selected TCP/TLS, further specify certificate validation rules:
- Ignore Certificate Chain Errors: Select the box to ignore any chain errors of the certificate, such as a missing root certificate.
- Disable Certificate Revocation Check: Select the box to skip CRL check of a certificate. Useful to bypass 'revoked certificate' errors.
- Ignore Certificate Name Mismatch: Select to ignore errors where the Common Name or Subject Alternative Name of the certificate does not match the client's (Orion server) host name.
- Select a Severity and a Facility from the drop down lists.
- Enter the Message of your alert trigger in the field provided.
Schedule the action by selecting Time of Day > Use special Time of Day schedule for this action. This schedule only applies to the alert action you are editing.
This is often used to prevent an action from occurring during specific windows.
Select how frequently this action occurs for each triggered alert in Execution Settings.
Click Add Action.