Can you please let me know default logging facility both for system & audit logs? I have configured local7 both for system/audit and a remote host IP but not seeing any logs being sent to my remote syslog server.
The ACOS device can send Syslog messages to the following places: • Local buffer (default level: Debugging - 7) • Console CLI session (default level: Error - 3) • Console SSH and Telnet sessions • External Syslog server • Syslog server in another partition • Email address(es) • SNMP servers (for events that are logged by SNMP traps) Logging to the local buffer and to CLI sessions is enabled by default. Logging to other places requires additional configuration.
There could be multiple reasons, such as the firewall on the Syslog server blocking the messages etc. You may want to check if you are able to receive Syslog messages from others sources and perhaps open a support case if required for further troubleshooting.
The config on the Thunder device itself is pretty straightforward and works as shown by the packet capture I had posted earlier. Here is a sample one for reference:
Comments
Thanks,
Abhi
The default facility is LOCAL0.
The ACOS device can send Syslog messages to the following places:
• Local buffer (default level: Debugging - 7)
• Console CLI session (default level: Error - 3)
• Console SSH and Telnet sessions
• External Syslog server
• Syslog server in another partition
• Email address(es)
• SNMP servers (for events that are logged by SNMP traps)
Logging to the local buffer and to CLI sessions is enabled by default. Logging to other places requires additional configuration.
Regards.
I have tried setting up local0 and i'm not seeing any logs on remote syslog server.
Regards,
Abhi
There could be multiple reasons, such as the firewall on the Syslog server blocking the messages etc. You may want to check if you are able to receive Syslog messages from others sources and perhaps open a support case if required for further troubleshooting.
The config on the Thunder device itself is pretty straightforward and works as shown by the packet capture I had posted earlier. Here is a sample one for reference:
logging syslog debugging
!
logging host 192.168.40.14
Regards.