Demonstrate the installation of a syslog server (PRTG) - Link to the lesson
Once you have PRTG installed, you'll run it through the web browser:
From the Start Menu
Type CMD (Command Prompt)
Type in ipconfig
Find your IP Address
Type it in the browser with :8080 at the end
PRTG is installed as a Desktop program and then accessed through the web browser
Assessment
Report
Installation, must include:
• installing the software
• configuring the device to the syslog server (devices could include desktop PC, network switches, firewalls and servers)
• checking the firewalls allowing syslog communication
Use this specific lesson within VirtualBox
• analysing data captured in the syslog server
Please note that you'll need administrator access on your computer and possibly on the devices you're connecting to the syslog server. Also, the actual steps may vary based on the software and hardware you're using.
Download:
Download syslog server software. Some popular options are SolarWinds, Graylog, or syslog-ng.
Install:
Run the downloaded installer and follow the setup wizard.
Launch:
Open the syslog server application once it's installed.
Let's assume you want to add a desktop PC, a network switch, and a firewall to your syslog server.
Desktop PC:
On Windows, you might use a service like NXLog to forward logs to your syslog server.
On macOS and Linux, you can edit the /etc/syslog.conf file to point to your syslog server.
Network Switch & Firewalls:
Access the administrative interface (often web-based).
Locate the settings for logging or syslog, and add the IP address of your syslog server.
On Syslog Server:
Ensure your firewall allows incoming traffic on the port your syslog server is listening on, often UDP 514.
On Devices:
Make sure firewalls on your desktop PC, network switch, and firewall also allow outgoing traffic to your syslog server.
Dashboard:
Open your syslog server application and check the dashboard for incoming logs.
Analyze:
Look at the different fields in each log entry, such as host IP addresses, event-based messages, timestamps, and severity labels.
Troubleshoot:
Use this information to identify any issues or to gain insights into what's happening across your devices.
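As an added illustration of the Analyze and Troubleshoot steps (not part of the original lesson and not PRTG's own code), the Python script below decodes the priority number at the start of each BSD-style syslog line into facility and severity, counts messages per host, and lists entries at err severity or worse. The sample lines, addresses and function names are constructed for this example.

```python
import re
from collections import Counter

# Standard syslog severity keywords, index = severity (PRI = facility * 8 + severity)
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# BSD-style line: <PRI>Mmm dd hh:mm:ss host message
LINE_RE = re.compile(r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (\S+) (.*)$")

def parse_line(line):
    """Return a dict of fields, or None if the line is not well-formed."""
    m = LINE_RE.match(line.strip())
    if not m or int(m.group(1)) > 191:  # highest valid PRI is 23 * 8 + 7
        return None
    pri = int(m.group(1))
    return {
        "facility": pri // 8,
        "severity": SEVERITIES[pri % 8],
        "timestamp": m.group(2),
        "host": m.group(3),
        "message": m.group(4),
    }

def summarize(lines, alert_at="err"):
    """Count messages per host; collect those at or above alert_at severity."""
    threshold = SEVERITIES.index(alert_at)
    per_host, urgent, rejected = Counter(), [], 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            rejected += 1  # malformed input is counted, not silently dropped
            continue
        per_host[rec["host"]] += 1
        if SEVERITIES.index(rec["severity"]) <= threshold:
            urgent.append(rec)
    return per_host, urgent, rejected

# Constructed sample messages (documentation address range), not real captures
SAMPLE = [
    "<34>Oct 11 22:14:15 192.0.2.10 sshd[812]: Failed password for admin from 192.0.2.77",
    "<134>Oct 11 22:14:20 192.0.2.1 fw: ACCEPT tcp 192.0.2.10:51512 -> 192.0.2.50:443",
    "<187>Oct 11 22:15:02 192.0.2.2 %LINK-3-UPDOWN: Interface Gi0/1, changed state to down",
    "garbage without a priority header",
]

if __name__ == "__main__":
    hosts, urgent, bad = summarize(SAMPLE)
    print(dict(hosts), bad, [(r["severity"], r["host"]) for r in urgent])
```

A lower severity number means a more urgent message, which is why the comparison in summarize uses `<=`.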
Think of the syslog server like the control room of a reality TV show. The server gets video feeds (logs) from different cameras (devices) set up all over the place. The director (you) in the control room (syslog server) can see what's happening everywhere and make decisions accordingly.
Remember to always follow your organization's policy and guidelines while performing these tasks.
Virtually on VMware, but easily done with VirtualBox now that we've worked with it.