Socket Forwarder

Owned by Noga Aviram (Unlicensed)
Last updated: Apr 24, 2024 by Omry Koschitzky

To send data over Socket Forwarder:

  1. Go to Manager > Left Navigation Panel > Data > Data Forwarding > New Data Forwarder:

  2. Enter a name for this forwarder.

  3. Mark or define the sources which will be sent via this forwarder.

  4. Set the Scheduler for this forwarder. (default and most recommended is ‘Send data on arrival’ - real-time)

  5. Create Data Flows on the data (Optional). Read More>

  6. Add a new Socket Forwarder. For each Socket Forwarder the following should be configured:

    1. Name: The name of the Socket Forwarder.

    2. Description: The description of the Socket Forwarder.

    3. Enabled: The Kafka forwarder is enabled by default, uncheck for disabling.

    4. Socket Account: Choose the relevant Socket account for this forwarder. To create a Socket Account, follow the article: Creating An Account.

    5. Use data source host: The events will be sent with the log's host.

    6. Layout Type + Custom Pattern

      1. By default this is Syslog and will send the message in the Syslog format (with Syslog message <priority> timestamp and source). Leave Custom Pattern empty in this case.

      2. If you wish a custom pattern, enter ‘pattern’ and in the custom pattern below enter %m%n:

        image-20240424-111001.png

    7. Advanced: Enter a data filter query.

    8. Active Flows: Use one of the existing flows or send ‘All data’

  7. Save the Socket Forwarder.

  8. Data from this Socket Forwarder will be sent to the configured device.