Hi Ma’am / Sir,
Is there anyone who can help me how to add a switch and router device on my graylog for monitoring purpose only. It’s realy hard for me to add our network switches and router since I don’t have idea on how. Please help me. Thank you
Hey @Chybench,
This will depend on the switch/router vendor but typically they will have a way to forward logs via syslog to a given ip on a given port. Older switches/routers are often locked to UDP 514. Here is a randomly selected example of how HP/Aruba forward logs.
Assuming a switch was forwarding logs in a syslog format on UDP 514 then on Graylog you would need to create a UDP syslog input on 514
Hi wine_merchant,
Thanks for the reply. May I know where I can install this syslog or it is in the graylog server how can I find it for me to add the specific IP of our switches or routers. Sorry I’m just new on Linux and graylog app. Please help me. Thank you so much.
@Chybench As you are new, I would suggest making your way through the courses over at Graylog Academy as they are currently free.
Once completed if you have any follow up questions then pleas do post here.