Syslog (Log Aggregation) #19
Description
Simulation Goal: Simulate a centralized log collector to receive, store, and display event data, crucial for security monitoring and incident response simulation.
Simulation Steps:
- Pull Image: Use a Syslog server image (e.g., rsyslog or an advanced logging stack like ELK/Loki).
- Configure: Set up the server to listen on the standard Syslog port (usually 514/UDP or TCP).
- Run Container: Start the container, mapping port 514.
- Verification: Configure another component (e.g., the Web-app) to send its logs to the Syslog server's IP/hostname. Check the Syslog container's logs to ensure messages are received.
Key Metrics/Outputs: Log messages received from other components, correct time stamping and formatting of the incoming logs.