Sending Log Messages to Syslog Servers


To configure the switch to send all log messages to a syslog server with an IP address of 172.16.21.67, use the following command:


CLI network-admin@Leaf1>admin-syslog-create name log-all scope fabric host 172.16.21.76


To display the configuration use the admin-syslog-show command:


CLI network-admin@Leaf1>admin-syslog-show


name    scope   host           port   message-format

-----   -----   ------------   ----   ---------------

log-all fabric  172.16.21.67   514    legacy

 

To specify sending the syslog messages in structured format, per RFC5424, add the message-format option to the configuration.


CLI network-admin@Leaf1>admin-syslog-modify name log-all message-format structured


You can also modify the port that the service listens on to another port. More than one syslog listening service can be configured and appropriate syslog messages are sent to each one.


By default, all log messages are forwarded to syslog servers. To filter the log messages, use the msg-level option to specify the severity or other options:


CLI network-admin@Leaf1>admin-syslog-match-add syslog-name log-all name critical-msgs msg-level critical


You can modify syslog matching using the admin-syslog-match-modify command, or remove matching criteria using the admin-syslog-match-remove command.


To display the configuration, use the show command:


CLI network-admin@Leaf1>admin-syslog-match-show


syslog-name       msg-level      name

log-all           critical       critical-msgs