We would like to be able to forward more than just the 'Syslog' log to a syslog server. We find the other logs having valuable information and being able to forward all logs to a log aggregator where we can easily identify trends/search is desirable for us.
by: Tim S. | over a year ago | Configuration
Comments
Agreed. We have a scenario at a customer where the Async log (in AAF v5.6 update 5) contains information that would allow the Syslog server (ArcSight) to detect if AAF is not able to send an SMS OTP and send a notification to the AAF administrator. But because the Async log is not forwarded, AAF administrator can only react when customers/end users identify that there is a problem.
Bruno - does the CEF log forwarding added in v6.0 satisfy this request?
Troy
Hi Troy
The client is using AAF v5.6 update 5 and it would take a while for them to move to AAF v6.x because of the differences between both versions.
After some conversations with the technical team they mentioned there there is an enhancement request to send the other logs besides the Syslog log but this enhancement is only for v6.0.
The customer is very interested in the information contained in the "Async" log.
It is not our practice to add 'features' to old versions. We only patch old versions still in support. This is especially true with v5.6 to 6.0 changes. In a 5.6 (backward) to 5.5 could be possible by merging the new feature branch into the old version. This is not possible in a 6.0 to 5.6 as they are different code base due to our move to SUSE and Docker.
I will check with engineering on the effort to add this however I do not believe it will be possible.
Troy