Skip to content
/ nasuni-azure-syslog-proxy Public

Deploys a Linux VM in Azure that will act as a syslog proxy for Nasuni. Forwards notifications or file system audit events to a Log Analytics workspace. The logs can be manually examined or consumed by other services including Microsoft Sentinel.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nasuni-labs/nasuni-azure-syslog-proxy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
README.md
README.md
 
 
main.bicep
main.bicep
 
 
main.json
main.json
 
 
metadata.json
metadata.json
 
 

Repository files navigation

Deploy to Azure

Syslog Proxy

This template can be used to deploy a Linux VM in Azure that will act as a syslog proxy for the Nasuni platform. It will forward Notifications or file system audit events to a Log Analytics workspace. The logs can be manually examined or consumed by other services including Microsoft Sentinel.

Support Statement

  • Nasuni Support is limited to the underlying syslog service running on the Nasuni appliances.
  • Nasuni Protocol bugs or feature requests should be communicated to Nasuni Customer Success.
  • GitHub project to-do's, bugs, and feature requests should be submitted as “Issues” in GitHub under its repositories.

Prerequisites

  • The name of an existing Log Analytics Workspace to which syslog data will be sent
  • Private networking, such as a site-to-site VPN or ExpressRoute connection, established between your Nasuni appliances and the VNET in which the proxy is deployed. This is to ensure that syslog data is protected.

Resources Deployed

  • An Azure Linux VM configured to listen for syslog messages on TCP/514 and UDP/514 and running the Azure Monitor Agent
  • A Network Security Group that allows connections on TCP/22, TCP/514, and UDP/514
  • An Azure Monitor Data Collection rule that will collect syslog messages

Post-Deployment Tasks

Syslog Export Configuration

Configure your Nasuni appliances to send Notifications and/or file system audit events via syslog to the proxy VM. Consult the "Syslog Export" section of the Nasuni Management Console Guide for configuration instructions.

Auditing Policy Configuration

Configure the audit policy for each volume for which you would like to collect events. Consult the "File System Auditing" secton of the Nasuni Management Console Guide for configuration instructions.

On-premises Alternative

If you prefer to run the syslog proxy VM in your own datacenter, you can deploy a Linux VM and install the Azure Monitor agent on it. For on-prem installations, the Azure Monitor agent requires that the server be managed with Azure Arc.

Deployment Tasks

  1. Install a Linux VM
  2. Configure syslog. Microsoft provides a Python script that can configure rsyslogd or syslog-ng
  3. Configure the Linux VM for Azure Arc
  4. Install the Azure Monitor Agent
  5. Complete the Post-Deployment Tasks above

About

Deploys a Linux VM in Azure that will act as a syslog proxy for Nasuni. Forwards notifications or file system audit events to a Log Analytics workspace. The logs can be manually examined or consumed by other services including Microsoft Sentinel.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages