Configure Conductor Remote Logging

You can configure the Conductor to send system log messages to a centralized logging service. Your environment must have a syslog service available on the underlay.

Supported Roles
System Administrator
Note: You may need to coordinate with your underlay network administrator to determine the proper syslog service configuration for your environment.
  1. Go to Settings > Services > Remote logging and select Edit Settings.
    If you do not see it as a choice, select Add service and select Remote logging.
  2. Select Enabled or Disabled to turn remote logging on or off.
  3. Set the address and port for your remote logging service:

    Remote Logging Configuration page

  4. Check whether to use TLS encryption (recommended unless your remote log service is on the same local network as the Conductor). If this box is clear, messages are sent over UDP, which is unencrypted and could introduce a security risk if you are sending the logs over unsecured networks.
  5. Check whether to log Conductor and/or Airwall messages, or alerts.
  6. Choose the Overlay network activity log level, time interval, and packet interval:
    • Log level: logs overlay network activity that equals or exceeds the log level of the Airwall. Options: Trace, Debug, Info, Warn, Error.
    • Time interval: number of seconds before logging additional device activity for a flow. 0 to disable.
    • Packet interval: number of packets before logging additional device activity for a flow. 0 to disable.
  7. Select Configure.

Once the logging service is configured and enabled, the Conductor begins to duplicate system log messages and sends them to the configured logging service. Airwall Gateways also obtain the logging service configuration from the Conductor, and will start sending its messages to the logging service if you've configured it to log Airwall Edge Service messages.