We're a bit ahead of things here, but the difference when outputted to vRLI isn't huge. I know that vRLI supports RFC3164 syslog messages and that is what we'll get if we specify the BSD syslog option here. Note that there are a few ways to do this. To specify a remote Syslog server in the Mikrotik router we'll first create an action where we specify the Remote type and the details for our remote server. The first part of this blog will be how I've configured my Mikrotik router (yours might be different so you might have to adjust accordingly), the second part how I've extracted fields from the Syslog messages.
Since I couldn't find any content packs for Mikrotik I thought I'd take the opportunity to do a walkthrough of how to extract fields from syslog messages to get some value from them. Recently I installed a Mikrotik router at home and since I'm in my lab environment are running vRealize Log Insight (vRLI) and I'm using this as my Syslog server I wanted to push logs from the firewall to vRLI.
0 kommentar(er)
