Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...


In Which Environments Should We Deploy The Agent?
XpoLog Linux-based cluster, is unable to retrieve logs from Windows machines directly.
This limitation doesn't apply in reverse; Windows can retrieve information from Linux.
As a result, the agent is often chosen to be Windows-based in most cases to address this discrepancy.
The windows XPLG agent can send those windows logs to the Linux cluster.
The communication between the agent and the Xpolog cluster occurs through HTTPS protocol.

Flow:

  1. we We configure the Xpolog cluster to be able to connect to the agent using a special account (address book pane)

  2. We configure the agent to be able to establish connections with sources and read logs when necessary.

  3. when the XPLG cluster requires the collection and updating of a log, (define In the connection policy ) the cluster will request the agent to perform this update. The agent, on behalf of the cluster, will establish contact with the source and transmit the data to the cluster. note: The agent doesn't save any log data; instead, it just verify that this log contains fresh information and send it over to the xpolog Cluster.

...

How to add logs from a remote XPLG agent ?

First, add logs to the agent using the same regular methods of adding logs.
Note that the log size will be set to 0, as the agent does not store any data.
Next, go to the cluster and add a new log from type called 'Remote XpoLog.'
Choose the agent account that we created.
This will display the agent's folders and logs section, and now simply select the log that the cluster should retrieve from the agent.

  • Add a new log source to the agent:

    • Navigate to portX > Data > Add Data > Local.

    • Click the Browse button and select the log file (e.g., /var/log/secure).

    • Click the Add Log button.

    • Click Save, then Save and Close.

  • Log in to the cluster:

    • Go to portX > Data > Add Data.

    • Select Add Log and choose the remote Remote XpoLog and the account you created.

    • Click the Browse button, select the desired log file, and click Save.

Agent License

We typically apply a more limited license for the agent, since the agent does not need use all of the XPLG features. Please contact XPLG to obtain the appropriate license.