How To Enable New Edge Publisher Logging

Posted on

This article will guide you through the configuration of a New Edge Publisher to enable, update, or disable our syslog feature.
Please refer to our Getting Started Guide for general deployment information.

Publishers are New Edge software components which are deployed in your virtual network at your public cloud provider (e.g. AWS VPC) or internal network in your private datacenter. Publishers make your private applications and services available to authorized users and devices without granting network access.

Enabling / Updating Syslog

  1. Connect your SSH client to the Publisher VM at either the DHCP provided IP address or configured static IP address.
  2. Login to the Publisher VM with the credentials that you set when configuring your New Edge Publisher.
  3. You will be prompted with the New Edge Publisher Configuration Utility.
  4. Enter 2 for “Syslog settings”. Your current configuration will be displayed as well as options for configuration.
  5. Enter 1 to “Configure syslog”.
  6. Enter the hostname or IP of the syslog server that will receive your New Edge logs, e.g. syslog.corporate.com.
  7. Enter the UDP port number of the same syslog server, e.g. 514.
  8. Your New Edge Publisher is now configured to send logs.

Sample Log Content

When the New Edge syslog feature is enabled, the following logs are examples of what you can expect to find captured in your logging system.

{"clientIp": "192.168.0.1", "destHost": "server.example.com", "destPort": 80, "deviceId": "6a2bfc41928c8f2d", "eventId": "NEFLWCREATE", "proto": 6, "sourceIp": "", "sourcePort": 0, "tenant": "example", "userId": "user@example.com"}
{"clientIp": "192.168.0.1", "destHost": "10.1.1.12", "destIp": "10.1.1.12", "destPort": 80, "deviceId": "6a2bfc41928c8f2d", "eventId": "NEFLWCLOSE", "proto": 6, "rxBytes": 166, "sourceIp": "10.1.1.10", "sourcePort": 43854, "tenant": "example", "txBytes": 110, "userId": "user@example.com"}

Disabling Syslog

  1. Connect your SSH client to the Publisher VM at either the DHCP provided IP address or configured static IP address.
  2. Login to the Publisher VM with the credentials that you set when configuring your New Edge Publisher.
  3. You will be prompted with the New Edge Publisher Configuration Utility.
  4. Enter 2 for “Syslog settings”, your current configuration will be displayed first.
  5. Enter 2 to “Disable syslog”.
  6. Your New Edge Publisher is configured to no longer send logs.

Try New Edge Free for 30 Days

New Edge is the best way to provide secure access to both cloud and data center services. Contact us, to learn more about how we can help secure your critical application infrastructure.

Leave a Reply

Your email address will not be published. Required fields are marked *