Syslog probe parameters

tednorlander · ‎04-24-2017

Hi,

the sample data given in the docs.servicenow.com states tha following parameters:

Syslog-server, assumed to be in fqdn format.

Mid-server to use: I don't understand this parameter format?

- Is it supposed to be mid.server.<your-midserver-name> or is it supposed to be the hostname specified for the mid server?

Please help asap as I'm setting this up at a customer location right now.

Best regards

Ted

PS! Docs entry listed below for reference only.

var sl = new Syslog('syslog.service-now.com ',
'mid.server.Eclipse', 16);
sl.log('This is a sample log message', 6);

tednorlander · ‎04-24-2017

Got confirmation from HI-support that the naming convention is mid.server.<your-midserver-name>.

You can look this up in your ECC queue where the field 'agent' holds the midserver-name as it should be used in a syslog setup.

/Ted

kumarsatyam · ‎05-21-2018

Hello tedn,

Thanks for the information .

Can you give me basic idea where you called this method (on BR / Event how?) ?

And how you integrated . As I am also in process of Integration but has no clue how to start .

Thanks and regards,

Kumar Satyam

tednorlander · ‎05-21-2018

Hi,

in this particular case we ended up running a scheduled job.

I also 'capped' it by setting up a limit on how many messages it should process each time the job was run.

Learned by hard experience that this kind of job can create an awful lot of records to ship to the syslog-server...

Best regards

Ted

dsharpnote · ‎01-25-2021

Hi Kumar,

Did you ever solve this issue? I am attempting to sending syslogs to a Security Server now, but want to narrow down the conditions with Log Event Extended Format (LEEF).