GUIDE 5 | XPLG Products Suite | PortX / XpoLog Prepare / Log Management Log data collection policies
After you have installed and configured PortX/XpoLog, your next step is to prepare the Log Management and Data Collection policies for your data (for all data types and from any data source).
This applies whether you want to use PortX to collect, manage and optimize your log-data streams and route or ship the data forward to any log analysis platform (ELK or others), or to analyze your log data using XpoLog automatic log analysis, search, and augmented log insights.
This guide takes you through the simple steps needed to prepare your Log Management Data Collection.
Collecting Log/IT Data with PortX/XpoLog is Simple.
PortX/XpoLog log management supports a large variety of data types and collection methods (collect, parse, process, search, and display).
Supported Log Data Types
Plain-text log file collection such as Syslog collection and other application log files.
Various formats such as Custom-delimited, CSV, JSON, or XML Collection.
Windows EventLogs Collection (when running on a Windows Server)
Database tables data collection and more…
Dynamic Log Data Collection Methods
Shipping Data to PortX/XpoLog Listeners
(“Push Collection” method)
Log sources can send data (“push”) to PortX/XpoLog in real-time. PortX “listeners” are configured to capture such incoming log data.
Setting up Data Collection with PortX/XpoLog
(“Pull Collection” methods)
Local server log directories data collection (direct access where PortX/XpoLog is running).
Direct access to remote file shares using a UNC path such as \\server_name\shared_folder. This can be used by PortX/XpoLog running on a Windows machine.
Mounted directories direct access.
SSH access to remote Linux or Unix machine log directories (agent-less collection).
JDBC connection to database instances.
Integration with HDFS file system.
Integration with AWS S3 buckets.
Integration with Google App Engine.
Access to remote PortX/XpoLog servers (when the remote PortX/XpoLog acts as a Syslog server)
Single log directory or Multiple log directories.
PortX/XpoLog can ingest log files from a single log directory or multiple log directories. The methods for both are different and this guide will show a series of preparatory steps before adding source data.
These steps can also be done at the end of each data source configuration.
When it is not possible or desired for PortX/XpoLog to periodically connect to a remote data source or device and pull data across, shipping (“pushing”) data to PortX/XpoLog at regular intervals might be easier for the target systems. With this approach, data collection works with listeners set up in PortX/XpoLog.
Listeners are port interfaces where applications and devices can send their payload using a protocol. Once a listener is running, XpoLog ensures it’s “listening” on that port for any newly arrived data. Any data captured on the port is then decoded and saved.
Currently, XpoLog listeners support the following types of traffic:
Syslog over TCP (any port)
Syslog over UDP (any port)
HTTP or HTTPS (the default system HTTP/S ports)
XpoLog transport protocol
Cisco routers and switches using the NetFlow protocol
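As an added illustration (not part of the XPLG guide or product code), the Python example below shows what a push source sends to a Syslog-over-UDP or Syslog-over-TCP listener. The RFC 5424 layout, the newline framing on TCP, and the host and port values are assumptions; use the address and port configured for your own listener.

```python
import socket
from datetime import datetime, timezone

# Assumed placeholders, not values from the guide: use your own listener address.
LISTENER_HOST = "127.0.0.1"
LISTENER_PORT = 5514

def syslog_message(facility, severity, host, app, text, when=None):
    """Build one RFC 5424 line; PRI is facility * 8 + severity."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    if any(ch.isspace() for ch in host + app) or not host or not app:
        raise ValueError("host and app must be non-empty, without whitespace")
    when = (when or datetime.now(timezone.utc)).astimezone(timezone.utc)
    stamp = when.strftime("%Y-%m-%dT%H:%M:%S.%f")[:-3] + "Z"
    # Flatten CR/LF so a single event cannot arrive as several forged records.
    text = text.replace("\r", " ").replace("\n", " ")
    return f"<{facility * 8 + severity}>1 {stamp} {host} {app} - - - {text}"

def send_udp(message, host=LISTENER_HOST, port=LISTENER_PORT):
    """One datagram per event; UDP gives no delivery acknowledgement."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(message.encode("utf-8"), (host, port))

def send_tcp(message, host=LISTENER_HOST, port=LISTENER_PORT, timeout=5.0):
    """Newline-terminated event over TCP; raises OSError if nothing listens."""
    data = message.encode("utf-8") + b"\n"
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(data)
    return len(data)

if __name__ == "__main__":
    # Constructed sample event, looped back to a throwaway local UDP socket.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx:
        rx.bind(("127.0.0.1", 0))
        rx.settimeout(2)
        event = syslog_message(4, 5, "web01", "sshd", "Failed password for invalid user")
        send_udp(event, *rx.getsockname())
        print(rx.recvfrom(4096)[0].decode())
```

A UDP send succeeds even when no listener is running, so confirm arrival in the listener's log; the TCP sender fails immediately if the port is closed.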
Creating Data Listeners
To set up a listener for collecting log data shipped by applications/services:
Select “DATA”, then “Listen To Data” in the PortX/XpoLog Manager navigation menu:
From the Listeners Configuration Management screen, select “HTTP Listener”:
From the top right corner, click the “Add Account” button.
In the pop-up window, give a name to the new listener, and accept the default values for the token and the URL.
This is the URL the applications or devices will send their data to.
Click on “Advanced Settings”
From the advanced settings fields:
Accept the parent folder name (it is the same as the new listener name) or select/create a folder where the received data will be stored
Accept the default collection policy or select a policy to be automatically applied to the data received on this listener
Accept the log name prefix or change it to a custom prefix
Specify if data received on this listener will be part of one single log, or if it will be split across multiple log files based on the source device