Download PDF

Product Requirements

Reveal(x) Enterprise and ExtraHop Performance systems

Thank you! We will contact you soon to ask how we can improve our documentation. We appreciate your feedback.

Was this topic helpful?

Yes No

Thank you for your feedback. Can we contact you to ask follow up questions?

How can we improve?

Need more help?

Ask the Community

Send system notifications to a remote syslog server

The syslog export option enables you to send alerts from an ExtraHop system to any remote system that receives syslog input for long-term archiving and correlation with other sources.

Only one remote syslog server can be configured for each ExtraHop system.

Log in to the Administration settings on the ExtraHop system through https://<extrahop-hostname-or-IP-address>/admin.
In the Network Settings section, click Notifications.
In the Destination field, type the IP address of the remote syslog server.
From the Protocol drop-down menu, select TCP or UDP. This option specifies the protocol over which the information will be sent to your remote syslog server.
In the Port field, type the port number for your remote syslog server. By default, this value is set to 514.
Click Test Settings to verify that your syslog settings are correct. If the settings are correct, you should see an entry in the syslog log file on the syslog server similar to the following:
```
Jul 27 21:54:56 extrahop name="ExtraHop Test" event_id=1
```
Click Save.

Next steps

After you confirm that your new settings are working as expected, preserve your configuration changes through system restart and shutdown events by saving the Running Config file.

Last modified 2023-11-07

Documentation

Products

Differentiation

Solutions

Security Operations

Cloud-Native Security

Application Analytics

Network Performance

Customers

Community

Partners

Support

Training

Resources

More Resources

Company

Events and Information

Send system notifications to a remote syslog server