PingIQ
Monitoring

Syslog monitoring

Point your network gear's syslog at the probe; search it and alert on it.

The probe runs a syslog receiver (UDP, port configurable — 514 by default). Point switches, routers, firewalls and servers at it; messages are matched to your inventory by source IP automatically.

Alert rules

  • Match on severity, application/process and message text
  • Fire when N matching messages arrive within M minutes — catch repeats, ignore one-offs
  • Rule hits flow through the standard alert pipeline (email/SMS/WhatsApp, routing, acknowledgement)
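
An added sketch of the N-within-M-minutes rule described above, run over constructed RFC 3164-style messages; it is not PingIQ's code. The `Rule` fields, the per-source window and the re-arm after firing are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from dataclasses import dataclass

# RFC 3164 style line: <PRI>Mmm dd hh:mm:ss host app[pid]: message
LINE = re.compile(r"<(\d{1,3})>\w{3} [ \d]\d \d\d:\d\d:\d\d \S+ ([^\s:\[]+)(?:\[\d+\])?: (.*)")

@dataclass
class Rule:                # hypothetical rule shape, not PingIQ's schema
    max_severity: int      # 0=emerg .. 7=debug; matches when severity <= this
    app: str               # application/process name, exact match
    text: str              # regex searched in the message text
    count: int             # N matching messages ...
    window_s: int          # ... within M minutes (given in seconds)

def evaluate(rule, events):
    """events: time-ordered (receive_time_s, source_ip, raw_line) tuples.
    Returns (time, source_ip) for every time the rule fires."""
    hits = defaultdict(deque)          # assumption: one window per source IP
    fired = []
    for ts, src, raw in events:
        m = LINE.match(raw)
        if not m or int(m.group(1)) > 191:
            continue                   # unparseable line or invalid PRI
        sev, app, msg = int(m.group(1)) & 7, m.group(2), m.group(3)
        if sev > rule.max_severity or app != rule.app or not re.search(rule.text, msg):
            continue
        win = hits[src]
        win.append(ts)
        while win and win[0] <= ts - rule.window_s:
            win.popleft()              # drop matches older than the window
        if len(win) >= rule.count:
            fired.append((ts, src))
            win.clear()                # re-arm: N fresh matches needed to fire again
    return fired

FAIL = "Failed password for admin from 198.51.100.7 port 50022 ssh2"
SAMPLE = [  # constructed messages; addresses are documentation ranges
    (0, "192.0.2.10", f"<38>Jan 12 10:00:00 sw1 sshd[811]: {FAIL}"),
    (10, "192.0.2.10", f"<39>Jan 12 10:00:10 sw1 sshd[811]: {FAIL}"),  # debug severity
    (20, "192.0.2.10", f"<38>Jan 12 10:00:20 sw1 sshd[811]: {FAIL}"),
    (30, "192.0.2.20", f"<38>Jan 12 10:00:30 fw1 sshd[90]: {FAIL}"),   # one-off, other device
    (40, "192.0.2.10", "<38>Jan 12 10:00:40 sw1 sshd[811]: Accepted password for admin"),
    (45, "192.0.2.10", f"<38>Jan 12 10:00:45 sw1 sshd[811]: {FAIL}"),  # third match: fires
    (400, "192.0.2.10", f"<38>Jan 12 10:06:40 sw1 sshd[811]: {FAIL}"),
    (900, "192.0.2.10", f"<38>Jan 12 10:15:00 sw1 sshd[811]: {FAIL}"),
]
RULE = Rule(max_severity=6, app="sshd", text=r"Failed password", count=3, window_s=300)
if __name__ == "__main__":
    print(evaluate(RULE, SAMPLE))
```

The two late failures at 400 s and 900 s never share a 5-minute window, so they stay below the threshold, as does the single failure from the second device.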

Flood protection

  • Per-source rate limiting and a severity cutoff at the probe — a misbehaving device can't flood your cloud
  • Retention limits keep storage bounded; the live log viewer filters by severity, device and text