Configuring Syslog
14-8 Configuring Syslog
If, for any reason, an event that is to be sent to the secure log gets dropped, resulting in the failure
to record the event, an SNMP trap will be generated. The trap generation will be done using the
Enterasys Syslog Client MIB notification etsysSyslogSecureLogDroppedMsgNotification.
Format Examples
The following examples illustrate secure log entry formats for different types of events.
• User logs in via console
<164>Apr 21 08:44:13 10.27.12.70-1 USER_MGR[1] User:admin:su logged in from
console
• User logs in via Telnet
<164>Apr 21 08:42:57 10.27.12.70-1 USER_MGR[1] User:admin:su logged in from
10.27.6.118(telnet)
• User sets port speed via console
<167>Apr 21 10:39:19 10.27.12.70-1 CLI_WEB[1] User:admin:su; Source:console;
Action:"set port speed *.*.1 10 "; Status:OK
• User sets port speed via telnet
<167>Apr 21 10:39:39 10.27.12.70-1 CLI_WEB[1] User:admin:su;
Source:10.27.6.118(telnet); Action:"set port speed *.*.2 100"; Status:OK
Configuring Syslog
Use the procedures in this section to perform the following logging configuration tasks:
•“Syslog Command Precedence” (page 14-8)
•“Configuring Syslog Server(s)” (page 14-9)
•“Modifying Syslog Server Defaults” (page 14-10)
•“Reviewing and Configuring Logging for Applications” (page 14-10)
•“Enabling Console Logging and File Storage” (page 14-11)
•“Configuration Examples” (page 14-12)
Syslog Command Precedence
Table 14-3 lists basic Syslog commands and their order of precedence on Enterays switches.
Table 14-3 Syslog Command Precedence
Syslog Component Command Function
Logging defaults set logging default
{[facility facility]
[severity severity]
[port port]}
Sets default parameters for facility code, severity level
and/or UDP port for all Syslog servers and local
destinations.
Settings will be applied when Syslog servers are
configured without specifying values with the set
logging server command. This command overrides
factory defaults.
To Next Page
Loading...
Need help?
General