The Syslog Insight Pack extends IBM Operations Analytics – Log Analysis so it can ingest syslog data and perform metadata searches against it. The formatted log includes specific property values in a name/value pair format to aid data ingestion.
Syslog is a standard for recording events to track system activity and to diagnose problems. It separates the software that generates messages from the system that stores them and the software that reports and analyzes them. Implementations are available for many operating systems. Configuration determines where messages are directed: devices (console), files (/var/log/) or remote syslog servers.
rsyslog is an open source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol. rsyslog version 3 is included as the default syslog tool for RHEL 5.2, and this is the minimum version supported by IBM Operations Analytics – Log Analysis.
The following is a summary of the steps to install the Syslog Insight Pack.
Refer to the Syslog Insight Pack documentation for setup and use instructions.
- Create a directory called SCALA_HOME/unity_content/Syslog on the system where IBM Operations Analytics – Log Analysis is installed.
- Upload the Syslog Insight Pack archive file to the directory created in the prior step.
- Install the Insight Pack with the pkg_mgmt.sh command.
- Deploy the log file agent with the command in the documentation.
Cost: Shipped with Product
- IBM Operations Analytics – Log Analysis v1.3.0 or later
- Support for rsyslog versions 3, 5, 6 and 7, and for the rsyslog list format (recommended by rsyslog) with rsyslog version 7 and higher.
To report a problem with deploying this entry, entitled customers may contact the country-specific IBM support channel; refer to the IBM Worldwide Directory. Also use the “Support” link to access the support site for IBM Operations Analytics – Log Analysis information.