Skip to main content

How to configure Ubiquiti UniFi to forward syslogs to LogCentral

How to Configure your UniFi system to forward syslogs to LogCentral in a comprehensive step by step guide.

Updated over 2 months ago

Prerequisites

To forward syslogs from Ubiquiti UniFi to LogCentral and benefit from our cloud based log storage, you'll need:

Connect your UniFi admin console, for example through UniFi's cloud portal at https://unifi.ui.com/

Getting your location's dedicated IP / port

First, in your LogCentral location, you'll find a "Configuration" section.

Here is how this information is presented in LogCentral's location details:

Note down the IP and the port. In this example 49.12.218.35 is the server address and 15866 is the port.


You'll need these two informations in a minute.

The syslog settings can be located in two places depending on your UniFi equipment. The two possibilities are listed below.

Option 1) Syslog settings in the CyberSecure menu

This is the most common place to find the setting for recent & up to date UniFi setups.

Click on the picture to see it in a bigger size

Steps:

  1. Click the Gears icon on the bottom left

  2. Then on CyberSecure

  3. then on Trafic Logging

  4. Select SIEM Server

  5. Select the type of logs you want to forward to LogCentral. You can select all event types if needed.

  6. In the server address, fill in the IP address available in your previously created LogCentral location

  7. In the port field, enter the port you have been assigned in LogCentral

  8. Click Apply Changes

Option 2) Syslog settings in the System / Integrations menu

UniFi syslog settings

Click on the picture to see it in a bigger size


Steps:

  1. Click the Gears icon on the bottom left (

  2. then on System

  3. then on Integrations

  4. finally on SIEM Server

  5. Select the type of logs you want to forward to LogCentral. You can select all event types if needed.

  6. In the server address, fill in the IP address available in your previously created LogCentral location for example in this screenshot, 49.12.218.35 is the server address

  7. In the port field, enter the port you have been assigned in LogCentral

  8. Click Apply Changes

Once finished, click "Apply changes" in UniFi's dashboard.

If everything is well in a few seconds or minutes you should see logs appearing in LogCentral.

Congrats!

Go to LogCentral's dashboard

Related Articles
How to configure pfSense to foward syslogs to Logcentral
How to create a location
How to configure Windows to forward syslogs to LogCentral?
How to configure Debian to forward syslogs to LogCentral
How to configure Cisco Meraki to forward syslogs to LogCentral
Did this answer your question?