Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Background

While XpoLog XPLG is fully functional as an agentless application, i.e.. you can install it anywhere in the environment and import logs into its platform, it is also possible to install XpoLog XPLG as an agent or structure the deployment to several instances for several reasons which are specified below. If you choose to run multiple instances of XpoLog XPLG in the environment, it is possible to connect the different instances over HTTP/S (XpoLog XPLG to XpoLogXPLG ).

When should

...

XPLG to

...

XPLG usage be considered?

There are several key reasons to consider installing multiple instances of XpoLog XPLG to manage an environment:

  • Inaccessible network segments – Sometimes, when logs are collected from multiple network segments, there is no direct access between the location of the centralized

    XpoLog

    XPLG to other network segments (for instance, different domains in Windows). 

  • Data load balancing (Map Reduce) – In cases where a regular cluster is insufficient, it is possible to

    manage several XpoLog instances of

    manage several XPLG  instances of several separate machines, and each will be managing a selected group of logs, and on top of all instances, there will be an instance which users can access to view all logs from all instances.

  • Keeping main console on Linux in a mixed Linux/Windows environment – In case the main

    XpoLog

    XPLG instance runs on Linux/Solaris, but there is a need to add logs from Windows machines (Windows event logs, logs on shared locations, Windows machines), it is mandatory to deploy a Windows instance of

    XpoLog

    XPLG which will be able to manage all logs from Windows machines and connect it to the centralized

    XpoLog

    XPLG instances.

  • Different data centers – Organizations which manage multiple data centers may consider an

    XpoLog

    XPLG cluster/instance per data center to get optimized connectivity and performance within each data center and then connect all data centers instances to a centralized

    XpoLog instance for

    XPLG  instance for the users.

  • Need of an agent to collect data – While

    XpoLog

    XPLG is completely agentless, in cases where there is no available connectivity to the sources with the standard protocols, it is recommended to install

    XpoLog

    XPLG as an agent on the remote sources and collect the data from using

    XpoLog

    XPLG to

    XpoLog

    XPLG communication over HTTP/S protocol. The agent is also required for Log Synchronization to collect data as is from multiple sources into a central repository.

  • Need of a Forwarder - XPLG forwarder/SysLog TCP/UDP forwarder/ HTTP/HTTPS Forwarder. This option can be used when a specific environment is set to use XPLG to normalize & push data to a central XPLG .

How to install a remote

...

XPLG ?

Remote

...

XPLG installation is a regular installation, only with selected features activated. For example, if the remote

...

XPLG is used only to collect data to a centralized

...

XPLG then 'agent mode' is activated and no operations will be performed by the agent besides access to the data. In case a Map Reduce / multiple data centers deployment is required, then the remote

...

XPLG may be fully functional and all its log processing can be done independently. If the remote

...

XPLG is only used for Log Synchronization then 'agent mode'

...

 should be activated.

When deploying multiple remote XPLG instances, it is possible to use a silent installation in order to distributed multiple setups and then remotely configure them by using the SDK commands.

How to connect

...

between XPLG instances?

In order to connect

...

XPLG instances and add the remote

...

XPLG 's log to the centralized

...

XPLG instance, first ensure that there is communication over HTTP/S on the port which is used to run

...

XPLG between the instances:

  1. Go to

...

  1. XPLG >Tools>Address Book, and add a remote

...

  1. XPLG account with all the required details (a user name and password are also required if security is activate on the remote

...

  1. XPLG ).

  2. To add logs which are configured on the remote

...

  1. XPLG follow information here: Adding Data to the

...

  1. XPLG Platform Adding

...

  1. Data to

...

  1. XPLG

  2. To use the agent for a LogSync task, see Log Synchronization

...