This article covers how to configure Automation Anywhere control room to send syslogs on UDP or TCP.
The Automation Anywhere Control Room supports ingesting tenants' audit log entries in Syslog format to any Syslog server.
By pushing syslog data to a Syslog server, you can integrate and leverage the advanced searching and reporting features of Syslog server solutions. When configured, the Control Room audit logs are forwarded to both the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) network protocols.
- Admin access in Automation Anywhere
Configure Control Room to send Syslog on UDP or TCP
To configure the Control Room to send Syslog on UDP or TCP, perform the following steps:
Note: To perform the task, you must have a Control Room administrator account with the required rights and permissions.
- Navigate to Administration > Settings > Network settings.
2. To add more Syslog servers, click the plus (+) sign.
3. Enter the Syslog server information.
|Syslog server hostname
|Fully qualified domain name (FQDN) or the Forwarder IP address of the Syslog server to deliver the log reports.
|Port that the remote Syslog server uses to receive incoming Syslog records (for example, port 11537).
|TCP or UDP.
|Use Secure Connection
|Use a TLS encrypted channel to send Syslog records to the remote server. This option is available for TCP only.
a. To forward the logs to a UDP port, enter the UDP settings (Forwarder IP, port, and select UDP from Protocol drop-down).
b. To forward the logs to an TCP port, enter the TCP settings (Forwarder IP, port(11537)and select TCP from Protocol drop-down) .
4. Click Save changes.
Once the configuration is completed, need to validate the logs in chronicle using a regular expression as (".*") this expression or with specific hostname, will provide the log source types which are ingesting to chronicle.
Below is the screen shot for reference.