Log Forwarding

The Log Forwarding feature in RecoveryManager Plus enables administrators to integrate with syslog servers to forwards audit logs generated by the product to centralize and view them in your SIEM solution.

A syslog server collects and stores log messages from multiple systems using the syslog protocol. By forwarding backup, recovery, and configuration audit logs to a syslog server, administrators can streamline monitoring, enhance security visibility, and ensure compliance with organizational auditing policies.

Steps to integrate a syslog server with RecoveryManager Plus

To integrate RecoveryManager Plus with a syslog server:

1. Log in to RecoveryManager Plus as an administrator.
2. Navigate to Admin > Administration > Log Forwarding.
3. Toggle on Enable Integration to configure log forwarding settings for the syslog server.
4. Configure the following fields with the respective values:
   • Syslog Server: Enter the hostname of the syslog server.
   • Port: Enter the syslog port number.
   • Protocol: Choose the appropriate protocol, TCP or UDP.
   • Syslog Standard: Select the desired syslog message format from the available options: RFC 3164, RFC 5424, or RawLog.
   • Data Format: Define the structure of the log message.
5. Click Save.

Actions supported

RecoveryManager Plus can forward backup, recovery, and configuration audit logs from AD, Microsoft Entra ID, Microsoft 365, on-premises Exchange, Google Workspace, and Zoho WorkDrive backup and recovery operations.