Skip to main content
Skip table of contents

Enable the Syslog Reporting

  1. Open the NetMon Web Management interface.

  2. On the top navigation bar, click Configuration, and then click the Syslog tab.

  3. Set the following fields to the appropriate values:



Syslog Type

Set to UDP, TCP, or SecureTCP for Syslog data output. This setting is determined by the protocol used by the Agent receiving data over Syslog. If NetMon is integrated with the LogRhythm SIEM, you should use TCP for Syslog.

Syslog IP

Enter the IP address of the Agent or other collector that will collect Syslog output.

Syslog Port

The default Syslog port for the LogRhythm SIEM is 514, but it can be changed to 601 or to any port higher than 1000.

Syslog Max Line Length

The maximum, single-message line length (in characters) for a Syslog protocol. The default value is 2000.

Password Scrubbing

Set to ON to mask unencrypted passwords as a series of asterisks rather than show them in cleartext.

Forward All Supported Data

Set to ON to allow NetMon to forward alerts and diagnostics, along with metadata such as basic license level, version information, and anonymous usage statistics. Set to OFF (default) to send only alerts and diagnostics.

Heartbeat Report Time

The time interval (in seconds) between heartbeats when NetMon is synced with the LogRhythm SIEM. The default value is 60.

Peer Common Name

Defines the peer common name for SecureTCP. Type a peer common name in the text box. This option is only required if you are using SecureTCP.

CA Cert, Machine Cert, or Machine Key

Certificates required for SecureTCP. Click to upload a CA certificate, machine certificate, and machine key. This option is only required if you are using SecureTCP.

  1. Click Apply Changes.
    NetMon restarts with the new settings, which may take a few minutes

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.