This procedure is intended for forwarding logs from a variety of end machines to the XpoLog SysLog listener through a Linux proxy server, which forwards all the traffic it receives to the relevant listener.

We use this method when the end machines have no direct access to the XpoLog server and a mediating machine is needed.

Procedure

  1. Configure a TCP/UDP listener on your XpoLog machine.
  2. Use the rsyslog configuration to define the logs that you would like to transfer to the proxy.
  3. Open an SSH session directly to the Linux machine that serves as your proxy and configure the iptables rules with the following commands:

     iptables -t nat -A PREROUTING -p tcp --dport Listen_Port_Proxy -j DNAT --to-destination XpoLog_IP:XpoLog_Listener_Port
     iptables -t nat -A POSTROUTING -j MASQUERADE