Notifications

Configuring External Syslog

The system can send events to external syslog server(s) to aid in troubleshooting and log analysis.

To configure and enable sending events to a log server:

1. SSH into the management CLI as an admin user.

   # ssh admin@172.27.102.123

2. Enter the IP address, port and protocol to use for each server. Use --server for each syslog server you want to add. If adding more than one syslog server. The example below adds 2 servers, using port 514 with UDP protocols for the 1st server and TCP for the 2nd server.

   # syslog-config --server 172.27.102.124,514,UDP --server 172.27.102.125,514,TCP

3. Check the configuration:

   # syslog-view

   Enabled: false

   Servers:

   Server: [172.27.102.124, 32]

   Port: 514

   Transport: UDP

   Server: [172.27.102.125, 32]

   Port: 514

   Transport: TCP

4. To edit the configuration repeat step 2 with the corrected configuration. This example will now use TCP for both servers.

   # syslog-config --server 172.27.102.124,514,TCP --server 172.27.102.125,514,TCP

5. Check the configuration:

   # syslog-view
Enabled: false
Servers:
Server: [172.27.102.124, 32]
Port: 514
Transport: TCP


   Server: [172.27.102.125, 32]
Port: 514
Transport: TCP


6. Enable the system to send events to the log collection server(s). This step is required before events are sent.

   # syslog-enable

   To disable the system from sending events:

   # syslog-disable

   To clear the configuration:

   # syslog-clear