Security/Monitoring Syslog Matches


Syslogs Matches


Selecting Overview → Manage → Security/Monitoring → Syslogs Matches displays the Syslogs Matches dashboard.


Select the desired Fabric from the left side navigation bar and the dashboard updates showing all Syslog Match entries from all switches within the Fabric.


In the event there are no entries in the dashboard you may have to Search for a Syslog file to obtain matches.


The dashboard displays a list of existing Syslog Match entries by Switch name and Selected Syslog.


Additional parameters include: name, set-facility, set-severity, msg-category, msg-code, msg-event-type, msg-level and msg-name.


You sort the list of entries in the dashboard using the up / down arrows above each of the columns to sort the information as needed.



Manage Syslogs Matches Fabric Dashboard


Select the desired switch from the Fabric and the dashboard updates automatically with Syslogs Matches settings.


The dashboard displays a list of existing Syslog Match entries by name and Selected Syslog.


Additional parameters include: set-facility, set-severity, msg-category, msg-code, msg-event-type, msg-level and msg-name.


You sort the list of entries in the dashboard using the up / down arrows above each of the columns to sort the information as needed.


Manage Syslogs Matches Switch Dashboard




You select the Syslog you want to use from the drop-down list of available Syslogs. The filter match is displayed in the dashboard.


Manage Syslogs Matches Syslog Selection



You select the ---ALL--- parameter to display all Syslogs. This option exists for both Fabric and individual switches.



Manage Syslogs Matches Syslog Selection ALL


To search for specific events in a syslog select Search a syslog file for specific events logged to it and enter the required search field information which includes:


  • Syslog – name
  • name – name of the matching scheme
  • set-facility – facility type to match
  • set-severity – severity to match
  • msg-category – message category as event, audit, system, perror
  • msg-code – message code to match
  • msg-event-type – message log event type to match
  • msg-level – the level of severity to match
  • msg-name – message name to match



Manage Syslogs Matches Syslog Search


Click Save to continue or Cancel to return to the previous screen without saving any changes.


Additional field parameters are modified by clicking on the icon for Additional Fields. Additional fields include:


  • msg-program – name of the program used to generate log messages
  • msg-vnet – vnet to match
  • msg-remote_switch – remote switch node to match
  • msg-user – username to match
  • msg-client-addr – client IP address to match
  • msg-port – port to match
  • msg-vlan – vlan to match
  • msg-vxlan – vxlan to match
  • msg-args – arguments to match
  • msg-starting-point – message starting point to match
  • msg-length – message length to match
  • msg-show-time – the time the message appeared
  • msg-since-last-reset (enable) - messages since the log reset



Manage Syslogs Matches Syslog Search Additional Parameters


Click Save to continue or Cancel to return to the previous screen without saving any changes.


To obtain detailed information about a Syslogs Matches entry select an entry in the dashboard.


A Details pane opens displaying the configuration information of the Syslogs Matches.


Scroll through the list, as needed, and click X to return to the dashboard.


Manage Security/Monitoring Syslogs Matches Details


To delete a Syslogs Matches entry use Delete by selecting the Cog icon. A confirmation message requires an acknowledgment to continue deletion.


Manage Security/Monitoring Delete Syslogs Matches Entry


Click OK to continue or Cancel to return to the previous screen without making any changes.