GitHub Enterprise uses syslog-ng to forward system and application logs to the server you specify in the Management Console settings.

Any log collection system that supports syslog-style log streams is supported (e.g., Logstash and Splunk).

Enabling log forwarding

  1. On the Management Console settings page, in the left sidebar, click Monitoring.
  2. Select Enable log forwarding.
  3. In the Server address field, type the address of the server to which you want to forward logs. You can specify multiple addresses in a comma-separated list.
  4. In the Protocol drop-down menu, select the protocol to use to communicate with the log server. The protocol will apply to all specified log destinations.
  5. Select Enable TLS.
  6. Click Choose File and choose a CA certificate to encrypt communication between syslog endpoints. The entire certificate chain will be validated, and must terminate in a root certificate. For more information, see TLS options in the syslog-ng documentation.

Troubleshooting

If you run into issues with log forwarding, contact GitHub Enterprise Support and attach the output file from http(s)://[hostname]/setup/diagnostics to your email.