On This Page
Syslog VIP Addresses
Overview
For general information about sending syslogs, see Sending Additional Information using Syslog. Do not send syslog traffic from your devices to your primary VIP.
Cloud Deployments
When installing TOS Aurora on cloud VMs such as Azure (where the install parameter --primary-vip is set to external), syslog data must be sent from your devices to the IP of an external load balancer on your VM. Do not use Syslog VIP Commands below.
On-Premise Deployments
When installing TOS Aurora on-premise (where the parameter --primary-vip is set to an IP address on your network), syslog data must be sent to a dedicated syslog virtual IP. You will need to set up at least one syslog VIP address as described below in Syslog VIP Commands. Do not send syslog traffic to your primary VIP.
If you have over 1,000 devices, this could create a bottleneck and degrade performance and we recommend defining another syslog for every additional 1,000 devices you monitor. However, there is no benefit in defining more syslog-VIPs than the number of worker nodes in the cluster. This applies separately to the central cluster and remote collector clusters.
All syslog VIPs must be on the same subnet as the primary VIP.
The default port for each syslog VIP is 514 but this can be set to a different value.
Syslog VIP Commands
All commands must be run on the primary data node as a user with root privileges. Adding and removing a syslog VIP will temporarily stop TOS services, which may take up to 15 minutes or more.
To add a syslog VIP, see tos cluster syslog-vip add.
To remove a syslog VIP, see tos cluster syslog-vip remove.
To list all defined syslog VIPs, see tos cluster syslog-vip list.
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague
