We're getting started with Sumo Logic and have not stood up a syslog server. This is my first rodeo with setting up a syslog server, so I'm looking for some documentation on what needs to be done. I tried searching the docs section but don't see any general guidance documentation (hardware requirements, etc.). Does anyone have any information on what I need to get started? I've found a few links out on the internet that I'm researching now.
We're all in AWS so we'd be looking to fire up an EC2 instance in AWS but I'm not sure what size would be good to start with. We have about 5-7 log sources we would be looking to send to this syslog server.
A sample of the log sources we'd like to send:
- Cisco Meraki networking logs (5-7 office locations)
- AWS CloudTrail, VPC Flow logs, other AWS sources
- Antivirus logs
- Physical access system logs