Help Syslogs

Syslogs

Site24x7 AppLogs enhances Syslog monitoring with log content segregated into relevant fields like date & time, application, host, PID, and message. With this, you can easily pinpoint the necessary data over multiple lines of log information as it is presented in one simple and intuitive web client. Learn more about log management with Site24x7.

Getting started 

  1. Log in to your Site24x7 account.
  2. Download and install the Site24x7 Server Monitoring agent (Linux). 
  3. Go to Admin > AppLogs > Log Profile and Add Log Profile.

Logs file path

Each application writes logs in different folders and files. By default, Syslogs are sourced from the below-mentioned folder path for the respective Operating System. If you have logs in a different folder, you can mention it under the File Path to source them from that particular folder while creating a log profile.

Linux icon
:
/var/log/syslog*
 
 
/var/log/messages*

Log pattern

$DateTime:date$ $Host$ $Application$[$PID$]: $Message$

This is the pattern defined by Site24x7 for parsing Syslogs based on the sample mentioned below.

Sample log

Aug  7 07:35:02 magesh-1870 systemd[1]: Stopping CUPS Scheduler...,

The above sample log can be separated into 5 fields, each of which will take its respective value from here and will then be uploaded to Site24x7.

Field name Field value
Date Time Aug  7 07:35:02 
Host magesh-1870
Application systemd
PID 1
Message Stopping CUPS Scheduler...,

Syslogs dashboard

AppLogs creates an exclusive dashboard for every Log Type, and shows a few widgets by default. Here's a list of the widgets available in the Syslogs dashboard:

  • Successful SSH Logins
  • Top Applications
  • Top Hosts
  • Log Events Trend
  • Sudo Command Stats
  • SSH Login Attempts
  • Successful SSH Logins
  • New User/Group
In addition to the default widgets, your saved searches will also be added to the dashboard automatically.
Syslogs Dashboard

Related log types

Was this document helpful?
Thanks for taking the time to share your feedback. We’ll use your feedback to improve our online help resources.

Help Syslogs