Security/Monitoring Syslog Matches


There are features and functions used in Arista NetVisor UNUM and Insight Analytics that are common throughout the user interface (UI). Please refer to the Common Functions section for more information on the use of these functions and features.


Syslogs Matches


Selecting Manager → Security/Monitoring → Syslogs Matches displays the Syslogs Matches dashboard. 


Select the applicable Fabric from the left-hand navigation bar and the dashboard updates showing all Syslog Match entries from all switches within the Fabric.


Note: If no entries exist a "No Data Exists" message is displayed. You must first configure an entry on a switch. Prerequisite settings and configuration may be required.


In the event there are no entries in the dashboard you may have to Search for a Syslog file to obtain matches.


The dashboard displays a list of existing Syslog Match entries by Switch name and Selected Syslog.


Additional parameters include: Syslog, Name, Set Facility, Set Severity, Msg Category, Msg Code, Msg Event Type, Msg Level, and Msg Name.


Manage Syslogs Matches Fabric Dashboard


Select the applicable switch from the Fabric and the dashboard updates automatically with Syslogs Matches settings. 


The dashboard displays a list of existing Syslog Match entries by Syslog and Selected Syslog.


Additional parameters include: Name, Set Facility, Set Severity, Msg Category, Msg Code, Msg Event Type, Msg Level, and Msg Name.


Manage Syslogs Matches Switch Dashboard


You select the Syslog you want to use from the drop-down list of available Syslogs. The filter match is displayed in the dashboard.


Manage Syslogs Matches Syslog Selection


You select the --- All --- parameter to display all Syslogs. This option exists for both Fabric and individual switches.


Manage Syslogs Matches Syslog Selection ALL


Add Syslog Event Match Filter


To add a Syslog Match Filter click Add a syslog event match filter and enter the configuration parameters which include:


Switch / FRGSelect a switch or a FRG (Fabric Resource Group) from the drop down list.

Syslog – Name of the syslog.

Name – Name of the matching scheme.

Msg Category – Message category as event audit system error.

Msg Code – Message code to match.

Msg Event Type – Message log event type to match.

Msg Level – The level of severity to match.

Msg Name – Message name to match.


Select additional field parameters by clicking on the icon. Additional fields include: 


Msg Program – Name of the program used to generate log messages.

Msg vNET – vNET to match.

Msg Remote Switch – Remote switch node to match.

Msg User – Username to match.

Msg Client Addr – Client IP address to match.

Msg Port – Port to match.

Msg VLAN – VLAN to match.

Msg Bd – Bridge Domain to match.

Msg VXLAN – VXLAN to match.


Manager Security/Monitoring Add Syslog Event Match Filter


Modify Syslog Event Match Filter


To modify a Syslog entry use Edit by selecting the Cog icon to make changes to the Syslog configuration which include: 


Syslog – Name of the syslog.

Msg Category – Message category as event audit system error.

Msg Code – Message code to match.

Msg Event Type – Message log event type to match.

Msg Level – The level of severity to match.

Msg Name – Message name to match.


Select additional field parameters by clicking on the icon. Additional fields include: 


Msg Program – Name of the program used to generate log messages.

Msg vNET – vNET to match.

Msg Remote Switch – Remote switch node to match.

Msg User – Username to match.

Msg Client Addr – Client IP address to match.

Msg Port – Port to match.

Msg VLAN – VLAN to match.

Msg Bd – Bridge Domain to match.

Msg VXLAN – VXLAN to match.


Manager Security/Monitoring Modify Syslogs Matches Entry


Delete Syslog Match


To delete a Syslogs Matches entry use Delete by selecting the Cog icon. A confirmation message requires an acknowledgment to continue deletion. 


Manager Security/Monitoring Delete Syslogs Matches Entry


Click OK to continue or Cancel to return to the previous screen without making any changes.


north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south