Implementation Guide › Configuring Event Collection › Configuring the Default Agent › Create a syslog Connector for the Default Agent

Create a syslog Connector for the Default Agent

Create a syslog connector to receive syslog events using the default agent on the CA Enterprise Log Manager server.

To create a syslog connector for the default agent

1. Log into CA Enterprise Log Manager and access the Administration tab.
2. Expand the Agent Explorer and an agent group.

   The default agent is automatically installed into the Default Agent Group. You can move this agent to another group.

3. Select the agent name.

   The default agent has the same name you gave the CA Enterprise Log Manager server during installation.

4. Click Create New Connector to open the connector wizard.
5. Click the Listeners option and provide a name for this connector.
6. Apply suppression rules, and suppression rules as needed in the second and third pages of the wizard.
7. Select one or more targeted syslog integrations from the Available list to use with this connector, and move them to the Selected list.
8. Set UDP and TCP port values, if you are not using the defaults, and provide a list of trusted hosts if your implementation uses them.

   Note: When a CA Enterprise Log Manager agent does not run as root, it cannot open a port below 1024. The default syslog connector therefore uses UDP port 40514. The installation applies a firewall rule to the CA Enterprise Log Manager server to redirect traffic from port 514 through 40514.

9. Select a time zone.
10. Click Save and Close to finish the connector.

    The connector begins collecting syslog events that match the selected integrations on the ports you specified.