This article explain how to connect your Mac syslog to Apsolab-Server.
To forward your Mac logs to Apsolab-Server you need to enable Apsolab-Server syslog parser.
Configure Apsolab-Server to parse syslog messages
- With administrator account (root), open Settings from Administration menu. Select Services tab.
- In [Syslog] section, enter UDP port number. You can use multiple UDP ports if you want more control over logging threshold, filtering and monitoring. List all ports separated with comma.
- Click ‘Apply Service’ to save your changes.
- Click ‘Close’ to close this window.
- Don’t forget to enable those ports in local Apsolab server firewall.
Mac OS X run syslogd and it is configurable from /etc/syslog.conf file. To forward logs to Apsolab-Server, you will need to edit this file with the root account. For that, open a terminal and login as root.
You can edit the file with: vi /etc/syslog.conf
You can copy/paste the following lines into /etc/syslog.conf file and make the appropriate changes.
In this example, we forward logs to our Apsolab server (host: apsolab) on UDP port 5151.
Our server host name is apsolab.
You can use a host name or an IP address.
# Forward logs to apsolab host on UDP port 5151. *.* @apsolab:5151
Make sure your firewall allows connection to external UDP port 5151.
To make your change effective, restart syslogd service or reboot your Mac.