Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Flex Scale Best Practices and Troubleshooting Guide
  3. Troubleshooting NetBackup Flex Scale
  4. Forwarding logs to an external server
  5. Configuring log forwarding
NetBackup™ Flex Scale Best Practices and Troubleshooting Guide

Configuring log forwarding

You can forward the appliance system logs (syslogs) to an external log management server. Your log management server must support the Rsyslog client.

Alerts are generated if the settings on the cluster nodes are inconsistent or if one of the cluster nodes is down and unable to forward the logs to the log server. When you add a node to the cluster, the log forwarding settings are synced to the newly added node.

To configure log forwarding:

  1. Use any one of the following options to sign in:
    • Use a user account with both Appliance Administrator and NetBackup Administrator role, or a user account with only an Appliance administrator role to log in to the NetBackup Flex Scale web interface https://ManagementServerIPorFQDN/webui where ManagementServerIPorFQDN is the public IP address, the FQDN, or the short host name that you specified for the management server during the cluster configuration, and then in the left pane do one of the following:

      • Click Cluster Management > Cluster settings > Security management > Log forwarding

      • Click Cluster Management > Cluster dashboard > Security Meter > View details > Auditing and alerting > Log forwarding

    • Use a user account with an Appliance Administrator role to log in to the NetBackup Flex Scale infrastructure management console https://ManagementServerIPorFQDN:14161 where ManagementServerIPorFQDN is the public IP address, the FQDN, or the short host name that you specified for the management server and do one of the following:

      • Click Dashboard > Security Meter > View details > Auditing and alerting > Log forwarding

      • Click Settings > Security management > Log forwarding

  2. Click Configure.
  3. Enter the following details:

    Field

    Description

    Server FQDN or IP address

    FQDN or the IP address of the external log management server.

    Server port

    Port number of the external log management server. Default port is 514. You can specify a different port if the cluster nodes are configured to communicate with the log server using that port.

    Protocol

    Select either UDP or TCP. TCP is the default protocol. With TCP protocol, you can optionally enable TLS log transmission.

    Note:

    Enabling TLS requires that you upload certificates obtained from CA authority and a private key to the appliance.

    Log polling interval

    Set the interval in minutes for forwarding the syslogs to the external log server. The options are 15, 30, 45, 60, Continuous. If you select Continuous, the appliance continuously forwards logs to the log server.

    Device vendor

    Unique name for the external log server.

    Enable TLS log transmission

    If you want to secure the transmission of logs from the appliance to the log server, select Enable TLS log transmission and upload the required certificate files. Veritas recommends that you enable TLS for security purposes.

    This option provides end-to-end security of data sent over the network from the appliance to the log server. You need a CA certificate and the client private key to configure TLS log transmission.

    This option is available only if you select the TCP protocol.

    If you enable secure log transmission, upload CA certificate (X.509 certificate for the certificate authority in PEM format), client certificate (X.509 certificate for the appliance to communicate with the log management server, in PEM format), and client certificate key (RSA key of the client certificate) onto your log server and then upload the certificates to the appliance.

    Modules

    Types of logs that are forwarded to the log server. Only the OS logs are forwarded and the syslog option is selected by default.

  4. Click Enable.

    A notification about the task is displayed on the top of the page. To monitor the progress, click View details. After the configuration is completed successfully, a notification is displayed on top of the page. The log forwarding status is shown Enabled and the start time for forwarding the logs is displayed.

Feedback

Was this page helpful?
Previous

Forwarding logs to an external server

Next

Modifying log forwarding settings using the UI

Feedback

Was this page helpful?