Port Management
EventLog Analyzer lets you manage UDP/TCP ports to listen for syslogs and SNMP traps from devices through this dashboard.
Note that
- For each protocol, you can add up to a maximum of six ports.
- For collecting Syslog data, you can use the same port for multiple protocols.
- You can also disable the existing default ports and instead can add additional listening ports.
Syslog Ports
- Go to Settings > System Settings > Listener Ports.
- Click Add Syslog Port button
- In the pop-up box that appears, enter the appropriate port number.
- Select its corresponding protocol.
- Click Add.
- To disable a Syslog port, click corresponding to the port you want to disable.
- To enable a Syslog port, click corresponding to the port you want to enable.
- Click corresponding to the port you want to delete.
TCP and TLS protocols cannot share the same port number.Syslog Ports.
SNMP Traps Port Management
To edit the port using which EventLog Analyzer listens to SNMP traps,
- Click corresponding to the SNMP trap port.
- In the pop-up box that appears, enter the desired port number.
- Click Update.
- To enable/disable the SNMP trap port, click / corresponding to it.
- To update credentials for SNMP Trap, click on the credentials button mentioned below.
- Click on the Add Credential to add a new SNMP credential.
- Enter the name for SNMP Credential.
- Select the required Credential level.
- Enter the desired port number. This port will only be used by the workflow and syslog device discovery modules.
- The SNMP V1/V2C will use community string for SNMP Trap and Discovery.
- When you select security level of SNMP V3, additional fields will be required.
- Enter the Engine ID. This will be used for trap collection and sending traps in workflows.
- Select SNMPV3 Credential's Authentication Level.
- Enter the Authentication Phrase for SNMPv3 Credential.
- Select SNMPV3 Credential's Privacy Level.
- Enter Privacy Phrase for SNMPv3 Credential.
Note:
- By default, EventLog Analyzer listens to port 162 (UDP) for SNMP traps.
- When a device not added to EventLog Analyzer starts sending SNMP traps to the product, it will automatically be listed under Other Devices in Settings > Configuration > Manage Devices. Additionally, it will be listed under General applications as SNMP Trap Application.
- The credentials added here can be used when discovering devices via Settings > Configuration > Manage Devices > Syslog Devices and credentials added while discovering devices can be used for SNMP trap collection.