Secure native syslog collection via endpoint on Dynatrace ActiveGate
Syslog, short for system logging protocol, enables system administrators to oversee and control log data from various components, such as network devices, Linux host syslogs, syslog servers, or other syslog producers.
Dynatrace Environment ActiveGate installed in monitor remote technologies mode enables a syslog endpoint that is easily configurable for a number of observability and security use cases. Environment ActiveGate is a known Dynatrace edge component with valuable advantages for enterprise environments:
This is intended for users who want to: Integrate syslog to Dynatrace for host and network device observability, automation, and security.
This enables you to: Seamlessly configure syslog integration and learn about recommended syslog observability strategy based on Environment ActiveGate.
Where Linux system syslog observability is the main focus, we recommend deploying OneAgent, which autodiscovers host syslog data, preserves topology context, and requires minimal configuration and maintenance for use at scale.
Network monitoring - observe internal errors and interruptions in the connectivity of your network devices.
Security - alert on abnormal behaviour, monitor failed login attempts, set events based on incoming logs, and investigate findings with Dynatrace DQL.
Advanced analytics and automated observability - easily integrate syslog from existing collectors like Syslog-ng or Rsyslog servers to Dynatrace for advanced analytics in Grail data lakehouse with Notebooks. Automatically resolve issues with Workflows. Take advantage of Davis AI engine and Dynatrace Platform to resolve issues before they impact application users. If required, Syslog collection via ActiveGate is also supported for Dynatrace Managed.
Edge data transformation - Mask sensitive data, filter logs to ingest only relevant data, and decorate log lines with meaningful attributes.
Prerequisites:
A single change to the Environment ActiveGate configuration enables the endpoint to receive syslog via TCP (port 601) and UDP (port 514).
The detailed guide in the Dynatrace "Syslog ingestion with ActiveGate" documentation explains how to configure and verify the connection on your Environment ActiveGate on Linux to collect syslog logs in your network and ingest them into Dynatrace.