Syslog

Activate Server: BusinessLog includes its own integrated Syslog Server (always started by the service).

By enabling this option, you can channel the syslogs generated by devices to the IP of the BusinessLog machine.

​

Port: The default port is already specified, but you can configure a custom one (note that the same port must also be set on the clients). The default is UDP 514.

​

Enable Syslog Debugging: If selected, enables raw-mode logging in a specific file located in the Reg subfolder: RegSysList.log.

​

Only Log Syslog with Admin Users: Syslogs can generate hundreds or thousands of entries per day, and not all devices allow filtering of outgoing logs. By enabling this option, the program will receive all logs but will record only those related to the users specified in the Administrators table.

​

After activation and service restart, you will notice the BusinessSysLog.exe process running as the listener on the specified port.

​

⚠️ Attention: It is not possible to run more than one listener on the same port. If you use other software for syslog recording, you must disable them (or change the port).

​

Once the syslog server is enabled, you must configure the syslog client on the machines (Linux/Unix/Mac) according to the documentation of each distribution.

​

For devices, access the administrative interface, locate the syslog section, and configure log forwarding to the IP of the BusinessLog server (ensure the protocol is UDP).

​

Recommendation: Limit log production where possible, as enabling syslog broadly can generate thousands of events per minute.

​

• Linux/Unix/Mac machines: Enable only *.users and *.auth (definitions may vary by distribution) to output user and authentication events only.

• Devices: Enable only administrative interface access and VPN logs (e.g., for firewalls).

​​