Today we’re announcing the release of secure Syslog forwarding, including support for our FedRAMP customers. By leveraging the same Docker image that already collects SNMP and network flows, a simple configuration change allows you to send Syslogs to New Relic One without increasing the burden of managing a different agent or platform.
Syslog helps you understand how your network impacts your infrastructure and application layers by correlating your Syslog messages with the rest of your observability data. The New Relic solution allows you to:
- Analyze Syslog messages alongside SNMP and network flow logs from all network equipment, together with other network, infrastructure, and application telemetry.
- Automatically detect Syslog-based anomalies (using Lookout) before they cause problems.
- Surface patterns and potential issues with zero-configuration Log Patterns.
- Stay within FedRAMP compliance.
Syslogs help you understand infrastructure performance
Performance telemetry helps you understand when a change in performance has occurred. However, understanding why the change happened requires more than performance metrics. For applications, traces coupled with application logs provide those insights, but infrastructure—whether network or compute, physical or virtual—does not produce detailed traces. To understand why an infrastructure-related performance metric changes, you need to produce, store, and analyze Syslogs.
How to configure Syslogs with New Relic
You can send Syslogs to New Relic One in a few simple steps. The Instant Observability (I/O) quickstart includes an example dashboard and a guided installation. Alternatively, you can follow the steps manually using our documentation.
The steps are summarized here:
- Start by logging in to your New Relic One account or signing up for a free account.
- Prepare a Linux host running Docker that can send data outbound via HTTPS and that can receive Syslogs from your internal systems.
- Deploy a Docker container that listens for Syslog events and securely forwards them to New Relic.
- Configure your internal systems to send your Syslog streams to the Docker host.
- Explore your Syslog streams using the Logs UI in the New Relic One platform.
For customers using our FedRAMP endpoints, log in to New Relic One and use the guided install to automatically detect and configure the container deployment commands for the FedRAMP-compliant endpoints.
Get started with Syslog forwarding
To begin exploring your Syslog streams using our guided Network Syslog quickstart, log in to your New Relic account or sign up for a free account (100 GB/month of free data ingest, one free full-access user, and unlimited free basic users).