Agent configuration for Unix systems
You can install a Devo agent on a Unix-based machine to enable it to send information to Devo. These are the steps to follow:
Import the Devo repository public key using the following commands:
wget http://repository.logtrust.net/PublicKey sudo apt-key add PublicKey sudo gpg --import PublicKey
Create a new .list file in your apt sources list:
Example of <file_name>.list → logtrust.list
Add the Devo repository to the file:
deb http://repository.logtrust.net/ precise main
Update and install the two Devo packages, logtrust-system and logtrust-monitor:
sudo apt-get update sudo apt-get install logtrust-system logtrust-monitor
Run the configuration script to set up the agent:
The relay configuration setup process starts. First, specify the endpoint you want to use to send the system's logs directly to the cloud, then select OK.
- EU → eu.elb.relay.logtrust.net:443
- USA → us.elb.relay.logtrust.net:443
- VDC/Spain → es.elb.relay.logtrust.net:443
The example from the above screenshot (eu.public.relay.logtrust.net:1234) corresponds with the public (unsecured) Event Load Balancer (ELB), not recommended by Devo as good practice. If you use this option, you will need to establish a secure tunnel with the endpoint (ELB) in order to encrypt the data transmission. To do so, select Yes when asked about the secure relay.
- Enter the API key credential to download the necessary digital certificates. You can view and copy the API Key in Devo. Go to Administration → Credentials, then select the API Key link. To paste the API Key into the dialog box, use SHIFT+INS. Select OK.
Click OK to confirm the certificate files.
Because all events will now be tagged by the agent, use port 13000 to send the data to the In-house Relay. Enter <IP_In-House_Relay>:13000 (for example, 220.127.116.11:13000).