Set up your network devices so they send syslog data to New Relic.
Prerequisites
New Relic prerequisites
- A New Relic account. Don't have one? Sign up for free! No credit card required.
- A New Relic account ID.
- A New Relic license key.
Linux host prerequisites
- Docker installed on a Linux host.
- SSH access to the Docker host, with the ability to launch new containers.
Network syslog devices prerequisites
- Network devices configured to send syslog to the host running the ktranslate Docker container. Here's how to configure network syslog data collection on some devices:
  - Checkpoint - Security Gateway. You must sign in to the User Center/PartnerMAP checkpoint.
  - Cisco - ASA
  - Cisco - IOS
  - Cisco - Meraki
  - Cisco - NX-OS
  - F5 - BIG-IP
  - Fortinet Fortigate
  - Juniper - Junos
  - Palo Alto - PAN-OS
Network security prerequisites
Direction | Source | Destination | Ports | Protocol |
---|---|---|---|---|
Outbound | Docker host | | 443 | TCP |
Outbound | Docker host | | 443 | TCP |
Inbound | Source devices for syslog data | Docker host | 5143 (default) | UDP |
Tip
The default listening port for ktranslate is 5143 (TCP/UDP). If you need to use the default syslog port of 514, you can do so by removing --net=host from your run command, replacing it with -p 514:5143/udp. To bind the listener to a port above 1024, add -syslog.source="0.0.0.0:<port>" to the end of the run command instead.
Set up network syslog monitoring in New Relic
- Go to one.newrelic.com and click Add more data.
- Scroll down until you see Network monitoring and click Syslog.
- Follow the steps in New Relic.
Here's a short video (2:56 minutes) showing how to set up network syslog monitoring:
If you prefer to do the setup manually, see the instructions below.
Investigate your device syslog messages in the New Relic logs UI, using the following query:
"plugin.type":"ktranslate-syslog"
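To check the inbound UDP rule and the listener before pointing production devices at the Docker host, the following added example (not New Relic or ktranslate code) sends one RFC 3164-style test message to the default port 5143. The hostname path-check, the app tag nrtest and the message text are made-up values for illustration.

```python
import socket
import sys
from datetime import datetime

KTRANSLATE_SYSLOG_PORT = 5143  # default listener port stated on this page
LOCAL0, INFO = 16, 6           # syslog facility local0, severity informational


def build_syslog_message(text, hostname="path-check", app="nrtest",
                         facility=LOCAL0, severity=INFO, now=None):
    """Build an RFC 3164-style datagram: <PRI>Mmm dd hh:mm:ss host app: text"""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    if any(c.isspace() for c in hostname + app):
        raise ValueError("hostname and app must not contain whitespace")
    now = now or datetime.now()
    pri = facility * 8 + severity
    # RFC 3164 pads a single-digit day with a space, not a zero.
    stamp = f"{now.strftime('%b')} {now.day:2d} {now.strftime('%H:%M:%S')}"
    return f"<{pri}>{stamp} {hostname} {app}: {text}".encode("ascii", "replace")


def send_test_message(host, port=KTRANSLATE_SYSLOG_PORT, text="syslog path check"):
    """Send one UDP datagram to the listener and return the bytes sent.

    UDP gives no acknowledgement: a clean return only means the packet left
    this machine. Delivery is confirmed by finding the text in the logs UI.
    """
    payload = build_syslog_message(text)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(payload, (host, port))
    return payload


if __name__ == "__main__":
    # Usage: python3 send_test_syslog.py <docker-host> [port]
    target = sys.argv[1]
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else KTRANSLATE_SYSLOG_PORT
    sent = send_test_message(target, target_port)
    print(f"sent {len(sent)} bytes to {target}:{target_port}/udp: {sent!r}")
```

Run it from a machine on the same network segment as the source devices, then look for the message text in the logs UI using the query above. If nothing arrives, check the inbound firewall rule and the port mapping on the Docker host.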
To get better visibility into your network device performance, set up SNMP data monitoring.
To get better visibility into how your network is being used, set up network flow data monitoring.