Network Interfaces
Syslog Watcher must have at least one network interface configured to receive syslog messages from the network. You can add any number of UDP, TCP, or SSL/TLS interfaces.
To configure network interfaces, click 
Configure (Main Toolbar) to open the Server Configuration window; then select the Network Interfaces group.
Adding UDP Interface
UDP is the most common and widely supported transport for syslog messages. It is fast but unreliable and insecure.
To add a UDP interface:
-
Click Add UDP Interface.
-
Set a specific local IPv4/IPv6 address or use 0.0.0.0 for all IPv4 addresses or ::0 for all IPv6 addresses.
-
If your configuration uses a non-standard port, then specify it instead of the default 514.
-
Click Apply.
You do not need to change advanced settings in most cases.
Adding TCP Interface
Syslog over TCP adds reliability and guaranteed delivery.
To add a TCP interface:
-
Click Add TCP Interface.
-
Set address and port the same way as described for the UDP interface.
-
Limit the maximum number of concurrently connected TCP clients and behavior if this value is exceeded.
-
Click Apply.
You do not need to change advanced settings in most cases.
If the Drop old connections option is not allowed, new connections will be dropped in case the maximum number of active connections is reached.
Adding TLS Interface
To add a TLS interface:
-
Click Add TLS Interface.
-
Set address, port, and a maximum number of connections the same way as described for the TCP interface.
-
Configure TLS Options.
-
Click Apply.
Deleting Interface
To delete a network interface:
-
Select the interface by clicking its title area;
-
Click Delete Interface.