By default, InCenter uses a single internal log server for InCenter generated logs and logs received from external firewalls. However, it is possible to instead make use of a single external Open Distro log server. Any external server configured for this must be based on Open Distro Elasticsearch 0.7.0.1 or later.

The following command is an example of how such a server is configured and includes all the mandatory parameters:

admin@InCenter:/> Set LogServer Location=External
			LogServerIP=203.0.113.5
			AdministratorUsername=user1
			AdministratorPassword=pass1
			MaintainerUsername=user2
			MaintainerPassword=pass2
			ImpersonatorUsername=user3
			ImpersonatorPassword=pass3

The other optional command parameters are the same as the optional parameters used for the internal server and are described in Section 18.1, The Internal Log Server.

Using an external server does not change any of the other log management functions in InCenter. The location of the database is transparent to the user and such functions such as querying work in the same way as with the internal receiver.

Reverting to the Internal server

If it is required to revert back to using the internal InCenter server for event logging, the following command can be used:

admin@InCenter:/> Set LogServer Location=Internal