You can forward all the syslog messages generated by on-premises hosts or EC2 instances to your log servers through a Network Load Balancer for long-term storage. You can now build your own scalable log collector service behind the NLB or take advantage of existing AWS services.
In this demo, the "network.exampleloadbalancer" Network Load Balancer (NLB) has a UDP listener that listens on port 514 for logs. Its UDP target group contains two log servers: server1 and server2.
When we start sending logs to the Network Load Balancer, we can see that each of the backend log servers starts receiving logs:
1. The syslog client sends its first log message to the Network Load Balancer through UDP port 514.
2. The Network Load Balancer forwards the first log message to syslog server1. As you can see, syslog server1 receives the first log message.
3. Later on, the same syslog client sends a second log message with a different source UDP port.
4. This time, the Network Load Balancer forwards the second log message to syslog server2. The terminal of syslog server2 shows that it receives the second log message.
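The following added example (not part of the original demo) models why the second message could reach a different server: an NLB selects a UDP target from a flow hash over protocol, source IP, source port, destination IP and destination port. It goes beyond the demo's two messages by routing 200 per client. The SHA-256 hash, the listener address and the client addresses are assumptions made for illustration; the NLB's real hash function is not public.

```python
import hashlib
from collections import defaultdict

TARGETS = ["server1", "server2"]      # target group from the demo
LISTENER = ("198.51.100.10", 514)     # constructed NLB address (documentation range)

def pick_target(src_ip, src_port, targets=TARGETS):
    """Choose a target from the UDP flow's 5-tuple.
    SHA-256 is a stand-in; the NLB's real hash function is not public."""
    key = f"udp|{src_ip}|{src_port}|{LISTENER[0]}|{LISTENER[1]}".encode()
    return targets[int.from_bytes(hashlib.sha256(key).digest()[:8], "big") % len(targets)]

def route(events):
    """events: iterable of (src_ip, src_port, message).
    Returns {target: [(src_ip, message), ...]} as each log server would see it."""
    received = defaultdict(list)
    for src_ip, src_port, message in events:
        received[pick_target(src_ip, src_port)].append((src_ip, message))
    return dict(received)

def split_clients(received):
    """Clients whose messages ended up on more than one log server."""
    seen = defaultdict(set)
    for target, rows in received.items():
        for src_ip, _ in rows:
            seen[src_ip].add(target)
    return {ip: sorted(t) for ip, t in seen.items() if len(t) > 1}

# Constructed sample traffic: one client uses a new ephemeral source port per
# message, the other binds the same source port for every message.
# <134> is the syslog PRI for facility local0 (16 * 8) plus severity info (6).
EPHEMERAL = [("10.0.1.25", 49152 + i, f"<134>app: event {i}") for i in range(200)]
PINNED = [("10.0.1.26", 50514, f"<134>app: event {i}") for i in range(200)]

if __name__ == "__main__":
    received = route(EPHEMERAL + PINNED)
    for target in TARGETS:
        print(target, "received", len(received.get(target, [])), "messages")
    print("clients split across servers:", split_clients(received))
```

Because one client's messages can land on either log server, searches and correlation rules need to cover every target in the group rather than a single server.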