Breadcrumbs

High Availability System Monitor Configuration

The System Monitor collects all logs that are managed by LogRhythm and requires additional configuration for HA operation.

System Monitor – Configuring Syslog for HA Operations

  1. Launch the LogRhythm Console.

  2. Log on with privileged account credentials.

  3. On the main toolbar, click Deployment Manager.

  4. Click the System Monitor Agents tab.

  5. Double-click the System Monitor Agent installed on the HA system.
    The System Manager Agent Properties window appears.

  6. In the bottom-left corner of the window, click Advanced.

  7. In the Group column, locate the SyslogServer named SyslogServerNIC. Confirm that the Value is the shared IP Address. Change, if necessary.

  8. Click OK to return to the System Manager Agent Properties window.

  9. Click OK.

System Monitor – Configuring NetFlow for HA Operations

  1. Launch the LogRhythm Console.

  2. Log on with privileged account credentials.

  3. On the main toolbar, click Deployment Manager.

  4. Click the System Monitor Agents tab.

  5. Double-click the System Monitor Agent installed on the HA system.
    The System Manager Agent Properties window appears.

  6. In the bottom-left corner of the window, click Advanced.

  7. Confirm that the Value is the shared IP Address. Change, if necessary.

  8. Click OK to return to the System Manager Agent Properties window.

  9. Click OK.

System Monitor – Configuring sFlow for HA Operations

  1. Launch the LogRhythm Console.

  2. Log on with privileged account credentials.

  3. On the main toolbar, click Deployment Manager.

  4. Click the System Monitor Agents tab.

  5. Double-click the System Monitor Agent installed on the HA system.
    The System Manager Agent Properties window appears.

  6. In the bottom-left corner of the window, click Advanced.

  7. Confirm that the Value is the shared IP Address. Change, if necessary.

  8. Click OK to return to the System Manager Agent Properties window.

  9. Click OK.

System Monitor – Configuring SNMP for HA Operations

  1. Launch the LogRhythm Console.

  2. Log on with privileged account credentials.

  3. On the main toolbar, click Deployment Manager.

  4. Click the System Monitor Agents tab.

  5. Double-click the System Monitor Agent installed on the HA system.
    The System Manager Agent Properties window appears.

  6. Select the SNMP Trap Receiver tab.

  7. Select the Enable SNMP Trap Receiver check box.

  8. In the Listener Settings section, change the Address from 0 to the shared IP Address.

  9. Click OK to close the System Monitor Agent Properties window.