In order to configure server address, we need to add the entry in zeusafm.conf file, the path for this file is as below:
$ZEUSHOME/zxtm-<your-version>/conf_<either A or B depending on which is present>/zeusafm.conf
($ZEUSHOME is the installation directory, e.g. /usr/local/zeus or /opt/zeus, etc)
For example, on a single vTM appliance running version 20.3, the above location could look like this:
/opt/zeus/zxtm-20.3/conf_B/zeusafm.conf
Edit the above file using an editor like vi or nano after logging into vTM via SSH and append the server IP to line "slaveLogBackend" with file path and type of back-end ( either syslog, syslog-cef, syslog-csv or syslog-rfc5424 based on format of syslog you would like to send ). For example, to send logs in rfc5424 format, edit line as below:
slaveLogBackend file:${ZEUSHOME}/log/stingrayafm/log,syslog-rfc5424:<Ip of server here>
This would trigger a restart of WAF for setting change to take effect.
|
