Install the Remote Collector for Windows

About remote collectors

A remote collector collects, compresses, and encrypts log data from the configured remote machines to send directly to Alert Logic.

Remote collectors only support syslog collection.

A remote collector is useful because:

  • A remote collector can be installed on a Windows machine or a Linux machine.
  • A remote collector can be upgraded remotely.
  • A remote collector does not require a virtual VMware instance, unlike a virtual appliance.
  • Hosts without an agent can send syslog data to Alert Logic via a remote collector.
  • Log status is reported directly to Alert Logic.

Data Center deployments only

For Data Center deployments, you must locate and copy your Unique Registration Key, which you need to install the remote collector.

Alert Logic uses the Unique Registration Key to assign the agent to your Alert Logic account.

To access your Unique Registration Key:

  1. In the Alert Logic console, click the Settings icon (), and then select Support Information.
  2. Copy your Unique Registration Key.

Download a remote collector

To download the remote collector, click a link in the table:

Version Link More Information MD5
2.9.4 al_log_syslog-2.9.4.msi 2018-12-14 18:17, 2.21MB 8f675fad9b0c78532ab20cf49e1704b6
2.9.4 2018-12-14 18:17, 2.12MB 97947c6960802e8304c984814293c490

Install a remote collector

Install via the GUI

  1. Copy the MSI package to the target machine.
  2. Run the MSI package.

  1. In the AL Syslog Setup graphical user interface, paste your unique registration key in the Provisioning API Key field
  2. Click Install.

Install via the command prompt

To install remote collector:

  1. Copy the MSI package to the target machine.
  2. Run MsiExec.exe, a Windows MSI package installer, with the following command-line parameter: /i [path]al_log_syslog-[version]-[type].msi
  3. (Optional) Run the installer with the following optional command-prompt parameters:
Optional modes Description
/quiet or /q[level]

This mode configures different levels of user interaction. You can use the following values to determine the desired [level].

  • f offers user interface access, which shows all dialog. This value is the default when /q is omitted.
  • r offer reduced user interface access, which does not show any dialog requiring user input, other than error popups. Normally, this mode shows the progress status only.
  • b for basic UI mode, which shows error popups and a simple progress bar only
  • n (equivalent to /q or /quiet), does not show any user interface.
/log [log file] or, for a verbose log, /l*vx [log file] This mode troubleshoots installation failures. [log file] is the path, created by the installer, to the log file.
SENSOR_HOST=[host] [host] is the IP address where the remote collector should forward logs.
SENSOR_PORT=[port] [port] is the TCP port where the remote collector should connect.
USE_PROXY={0|1} This mode specifies whether the remote collector should use WinHTTP proxy settings
PROV_KEY=[key] This command is required in provisioning only mode. [key] is your Unique Registration Key.
INSTALLDIR=[directory] [directory] is the folder where remote collector files should be installed.
REBOOT=ReallySuppress This mode suppresses any reboot prompts, which leaves the installation incomplete until the next restart.

MsiExec.exe /i al_log_syslog- /log al_log_syslog_install.log /quiet PROV_KEY=da39a3ee5e6b4b0d3255bfef95601890afd80709