Table of Contents

Preface

1. Summary of contents

2. Target audience and prerequisites

3. Products covered in this guide

4. Typographical conventions

5. Contact and support information

5.1. Sales contact

5.2. Support contact

5.3. Training

6. About this document

6.1. Version information

6.2. Feedback

1. Introduction

1.1. What SSB is

1.2. What SSB is not

1.3. Why is SSB needed?

1.4. Who uses SSB?

2. The concepts of SSB

2.1. The philosophy of SSB

2.2. Collecting logs with SSB

2.3. Managing incoming and outgoing messages with flow-control

2.3.1. Flow-control and multiple destinations

2.4. Receiving logs from a secure channel

2.5. Network interfaces

2.6. High Availability support in SSB

2.7. Firmware in SSB

2.7.1. Firmwares and high availability

2.8. Licenses

2.9. The structure of a log message

2.9.1. BSD-syslog or legacy-syslog messages

2.9.2. IETF-syslog messages

3. The Welcome Wizard and the first login

3.1. The initial connection to SSB

3.2. The Welcome Wizard

3.3. Configuring storage access in SSB

4. Configuring and managing SSB

4.1. The structure of the web interface

4.1.1. Elements of the main workspace

4.1.2. Multiple web users and locking

4.2. Basic settings

4.2.1. Network settings

4.2.2. Date and time configuration

4.2.3. SNMP and e-mail alerts

4.2.4. Configuring system monitoring on SSB

4.2.5. Data and configuration archiving and backups

4.3. User management and access control

4.3.1. Managing SSB users locally

4.3.2. Managing SSB users from an LDAP database

4.3.3. Managing user rights and usergroups

4.3.4. Listing and searching configuration changes

4.4. Managing SSB

4.4.1. Controlling SSB — restart, shutdown

4.4.2. Upgrading SSB

4.4.3. Troubleshooting SSB

4.4.4. Accessing the SSB console

4.4.5. Changing the certificates used on SSB

4.4.6. Creating hostlist policies

4.5. Managing SAN access in SSB

5. Configuring the syslog-ng server of SSB

5.1. Configuring message sources

5.1.1. Default message sources in SSB

5.1.2. Converting SNMP messages to syslog messages

5.1.3. Creating message sources in SSB

5.2. Storing messages on SSB

5.2.1. Default logspaces in SSB

5.2.2. Using logstores

5.2.3. Creating custom message spaces in SSB

5.2.4. Managing log spaces

5.2.5. Accessing log files across the network

5.3. Forwarding messages from SSB

5.3.1. Forwarding log messages to SQL databases

5.3.2. Forwarding log messages to remote servers

5.4. Managing log paths

5.4.1. Default logpaths in SSB

5.4.2. Creating new log paths

5.4.3. Filtering messages

5.5. Configuring syslog-ng options

5.5.1. General syslog-ng settings

5.5.2. Using name resolution on SSB

5.5.3. Configuring TLS-encrypted logging

6. Browsing log messages and SSB reports

6.1. Using the search interface

6.2. Log messages available on SSB

6.3. Changelogs of SSB

6.4. Log messages collected to SSB

6.5. Configuration changes of syslog-ng peers

6.6. Notifications on archiving and backups

6.7. Log message alerts

6.8. SSB reports

7. Classifying messages with pattern databases

7.1. The structure of the pattern database

7.2. How pattern matching works

7.3. Searching for rulesets

7.4. Creating new rulesets

7.5. Exporting databases and rulesets

7.6. Importing pattern databases

7.7. Using pattern parsers

7.8. Using parser results in filters and templates

1. Package contents inventory

2. syslog-ng Store Box Hardware Installation Guide

3. syslog-ng Store Box Software Installation Guide

4. Configuring the SAN storage module

5. syslog-ng Store Box License contract

5.1. SUBJECT OF THE LICENSE CONTRACT

5.2. DEFINITIONS

5.3. Words and expressions

5.4. LICENSE GRANTS AND RESTRICTIONS

5.5. SUBSIDIARIES

5.6. INTELLECTUAL PROPERTY RIGHTS

5.7. TRADE MARKS

5.8. NEGLIGENT INFRINGEMENT

5.9. INTELLECTUAL PROPERTY INDEMNIFICATION

5.10. LICENSE FEE

5.11. WARRANTIES

5.12. DISCLAIMER OF WARRANTIES

5.13. LIMITATION OF LIABILITY

5.14. DURATION AND TERMINATION

5.15. AMENDMENTS

5.16. WAIVER

5.17. SEVERABILITY

5.18. NOTICES

5.19. MISCELLANEOUS

6. Creative Commons Attribution Non-commercial No Derivatives (by-nc-nd) License

Glossary

Index