Log offloading to a central log server
TightGate-Pro offers the possibility to forward system log files (syslog files) to a central log server. In addition, the log files of the web proxy can also be routed out via the central system log.
Forwarding system logs to a central log server
This is required
- IP address and port of the central log server
- Network connection to the central log server
This is how it works
- Logging in as administrator config and selecting the menu item Services.
- Select the menu item Syslog server. The IP address of the central log server is entered here. Up to 25 servers can be configured.
- Selection of the menu item Syslog server type. Here you can select which protocol is to be used to transfer the log files. Please make sure that the selected protocol is supported by your log server.
- Select menu item Syslog server port. Here you can set the receiver port of the central log server to which TightGate-Pro transmits the central log. The port is freely selectable, the following standard ports are defined:
| Protocol | Port |
|---|---|
| TCP & UDP | 514 |
| RELP | 2514 |
| RELPTLS | 3514 |
- The settings in the main menu Save and Apply.
In addition, forward web proxy logs to the central log server
If the proxy logs are to be transmitted to the central log server in addition to the system logs, further settings must be made in addition to setting up the central log server.
This is how it works
- Log in as administrator config and select the menu item proxy.
- Select the menu item Proxy logging. Activate proxy logging by selecting the menu item Anonymous or User.
- If the logging is not to take place in anonymised form, it must be specified under the menu item System Preferences > Pseudomyisation whether the logging contains the plain name of the users or whether pseudonyms are used instead.
- In the next step, it is mandatory to define a lifetime for the proxy protocol, otherwise the logging will not be activated. The log lifetime is defined via the menu item Log lifetime and is specified in days. After the storage period has expired, the protocol files are deleted and cannot be reconstructed. If a 0 is entered, no logging takes place.
Note: If proxy logging is switched off, this menu option is not displayed. - In the last step, select the menu item Log to syslog server and set the option Yes.
- The settings in the main menu Save and Apply. From now on, all proxy logs are transmitted to the central log server together with the syslog.