ASP 6.0.0.5 and later provides the ability to remotely log security, system and other logging data from ASP (based on RHEL Rsyslog). Logs are forwarded over a secure IP connection to remote servers (up to 5).
Note:
This is ASP data only. Application virtual machine logging settings need to be set in accordance with the application and are not included here. Check the application documentation for those details.
Data from ASP OS itself includes the following:
Off Server logging of audit records for ASP server access and actions.
Forwarding to an external SIEM or log management platform that enables dashboards and alerting without touching the appliance directly.
Monitoring of the solution enables the following troubleshooting scenarios:
Authentication and Access issues: Review forwarded audit logs to identify failed login attempts, unauthorized access, or misconfigured user roles.
Security Monitoring and Incident Response: Detect anomalies such as repeated failed logins or unexpected configuration changes.
Service Failures or Restarts: Track service-level events (start/stop/failure) to determine the root cause and timing of infrastructure disruptions.
Logs can be accessed locally on the ASP system and are also forwarded to the configured remote destinations.
For detailed configuration and implementation guidance, refer to Avaya Solutions Platform R6.0.0.5.0 Application Note: Remote Syslog Configuration.