How to forward Ezeelogin SSH Jump Server logs to syslog?

By enabling this feature, all active logs will be directed to the syslog of the gateway server, which you can monitor by tailing the syslog.

Login to Ezeelogin GUI and navigate to Settings - > SIEM -> SIEM type to syslog and enable logs.

By enabling this feature, all active logs will be directed to the syslog of the gateway server. You can monitor these logs by tailing the syslog and executing the SIEM script in a separate shell to analyze the forwarded logs.

Refer below examples for syslog logs:

• Authentication Log

• Web Activity Logs

• Gateway Activity Logs

• Server Activity Logs

• SSH Logs

How to enable the feature to forward input commands to syslog?

Login to GUI, navigate to Settings -> General -> Security -> scroll down and enable Log Commands in Syslog and relogin to ezsh and then to remote servers and execute random commands.

Refer below example of recorded input commands in syslog.

SIEM ( Security Information and Event Management):-

SIEM systems collect and analyze log data generated throughout various systems, applications, and network infrastructure to identify and respond to security events and incidents. The goal is to provide a centralized view of an organization’s information security, helping in real-time analysis, incident detection, and response.

Related Articles

• Integrate Ezeelogin SSH Jump host with Splunk for SIEM
• Audit logs and configurations