Just a quick note on syslog forwarding from the Discovery appliance.
While the Discovery appliance (physical or virtual) is based on a fairly standard CentOS build, we are careful to control the packages and configurations to ensure the OS layer is reliable and predictable for the application. Thus although it is tempting for an experienced Linux administrator to want to configure things to their liking, this urge should be avoided, and limited to only those things that are explicitly documented to avoid problems in future, and potentially voiding support.
One often-requested configuration was to forward OS syslogs to a remote syslog collector. Since we hadn't officially described it in the docs, it wasn't officially supported. I am please to say we now have, here.
It's very simple to setup, and now if your organisation's policies require/recommend it, you can do so while being fully with the appliance support rules.