Integrating Cloud Suite with Syslog Collector Plugin
The Delinea Syslog Collector integration simplifies the process of forwarding events to SIEM tools by eliminating the complexities associated with Docker-based deployments. It removes the need for Docker expertise and minimizes the necessity for frequent engineering involvement. This new solution is secure, reliable, and user-friendly. The Delinea Syslog Collector significantly reduces setup time, enhances supportability, and minimizes ongoing maintenance requirements for customers, support teams, and engineering departments. It ensures seamless integration with SIEM tools, maintains security compliance, and streamlines event management workflows.
Delinea Syslog Collector automatically retrieves event logs from Cloud Suite, formats the logs to the Syslog format, and returns the Syslog-formatted logs to Cloud Suite. Cloud Suite then forwards the logs to SIEM tools, such as Splunk, for analysis, monitoring, and reporting.
Delinea Syslog Collector formats logs in the standard RFC 5424 syslog format. An RFC 5424 syslog message consists of the following components:
- Header: Contains details such as priority number, version number, timestamp, host name, application, process ID, and message ID.
- Structured data: Data blocks in "key=value" format.
- Message: The message content after the header and the structured data. The content is encoded in UTF-8.
For more information about RFC 5424, see IETF's RFC 5424 Syslog Protocol.
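To make the three components concrete, here is an added example (not part of the Delinea documentation or product) that splits an RFC 5424 line into its header fields, structured data and message, the same split a SIEM performs on ingest. The sample event is constructed: the hostname, application name, SD-ID and parameter names are illustrative and are not Cloud Suite's actual schema.

```python
import re

# RFC 5424 HEADER: <PRI>VERSION SP TIMESTAMP SP HOSTNAME SP APP-NAME SP PROCID SP MSGID SP
_HEADER_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<version>\d{1,2}) (?P<timestamp>\S+) (?P<hostname>\S+) "
    r"(?P<appname>\S+) (?P<procid>\S+) (?P<msgid>\S+) "
)
# One SD-ELEMENT: [SD-ID SP NAME="VALUE" ...]; values escape ", \ and ] with a backslash
_SD_ELEMENT_RE = re.compile(r'\[(?P<sdid>[^ \]]+)(?P<params>(?: [^ =\]"]+="(?:[^"\\]|\\.)*")*)\]')
_SD_PARAM_RE = re.compile(r'([^ =\]"]+)="((?:[^"\\]|\\.)*)"')
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def parse_rfc5424(line: str) -> dict:
    """Split one RFC 5424 line into its header fields, structured data and message."""
    hdr = _HEADER_RE.match(line)
    if not hdr:
        raise ValueError("not an RFC 5424 header")
    pri = int(hdr.group("pri"))              # PRI = facility * 8 + severity
    rest = line[hdr.end():]
    sd = {}
    if rest.startswith("-"):                 # NILVALUE: no structured data
        rest = rest[1:]
    while rest.startswith("["):              # zero or more SD-ELEMENTs, no separators
        elem = _SD_ELEMENT_RE.match(rest)
        if not elem:
            raise ValueError("malformed structured data")
        sd[elem.group("sdid")] = {k: re.sub(r'\\(["\\\]])', r"\1", v)
                                  for k, v in _SD_PARAM_RE.findall(elem.group("params"))}
        rest = rest[elem.end():]
    msg = rest[1:] if rest.startswith(" ") else rest   # MSG is optional, preceded by SP
    msg = msg.removeprefix("\ufeff")                    # drop the UTF-8 BOM RFC 5424 permits
    return {
        "facility": pri // 8, "severity": pri % 8, "severity_name": SEVERITIES[pri % 8],
        "version": int(hdr.group("version")), "timestamp": hdr.group("timestamp"),
        "hostname": hdr.group("hostname"), "appname": hdr.group("appname"),
        "procid": hdr.group("procid"), "msgid": hdr.group("msgid"),
        "structured_data": sd, "message": msg,
    }


# Constructed sample event: hostname, app name, SD-ID and field names are illustrative only
SAMPLE_EVENT = ('<110>1 2024-05-01T12:00:00.000Z pas.example.com CloudSuite - AuditEvent '
                '[audit@32473 user="alice" action="login" result="success"] User alice logged in')

if __name__ == "__main__":
    for key, value in parse_rfc5424(SAMPLE_EVENT).items():
        print(f"{key:>16}: {value}")
```

PRI 110 decodes to facility 13 (log audit) and severity 6 (informational), which is how a SIEM derives priority from the header before it ever looks at the message text.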