Defining Syslog servers

Last Updated : May 12, 2023 |

About this task

You can define up to three Syslog servers with either IPv4 or IPv6 addresses..

Procedure

  1. Define the Syslog server by entering set logging server followed by the IP address of the server and optionally the transport (UDP, TCP or TLS) and server port.

    For example (UDP Syslog server):

    Gxxx-001(super)# set logging server 147.2.3.66

    or (TLS Syslog server and certificate for TLS connection):

    Gxxx-001(super)# set logging server 2001:db8::2179::1 tls
Gxxx-001(super)# copy scp root-ca syslog syslogcert.crt 172.16.1.22
  2. Enable the Syslog server by entering set logging server enable followed by the IP address of the Syslog server.

    When you define a new Syslog server, it is defined as disabled, so you must use this command to enable the server.

    For example:

    Gxxx-001(super)# set logging server enable 147.2.3.66
  3. Optionally, define an output facility for the Syslog server by typing the set logging server facility command, followed by the name of the output facility and the IP address of the Syslog server.

    If you do not define an output facility, the default local7 facility is used.

    For example:

    Gxxx-001(super)# set logging server facility auth 147.2.3.66
Done!

    The following is a list of possible facilities:

    • auth. Authorization

    • alert. Log alert

    • audi. Log audit

    • clkd. Clock daemon

    • clkd2. Clock daemon

    • daemon. Background system process

    • ftpd. FTP daemon

    • kern. kernel

    • local0 – local7. For local use

    • lpr. Printing

    • mail. Electronic mail

    • news. Usenet news

    • ntp. NTP subsystem

    • sec. Security

    • syslog. System logging

    • uucp. Unix-to-Unix copy program

    • user. User process

  4. Optionally, limit access to the Syslog server output by typing the set logging server access-level command, followed by an access level (read-only, read-write, or admin) and the IP address of the Syslog server.

    If you do not define an access level, the default read-write level is used.

    For example:

    Gxxx-001(super)# set logging server access-level read-only 147.2.3.66
Done!

    Only messages with the appropriate access level are sent to the Syslog output.

  5. Optionally, define filters to limit the types of messages received.
Related information
Logging filter configuration