Sending Log Messages to Syslog Servers

To configure the switch to send all log messages to a syslog server with an IP address of 172.16.21.67, use the following command:

CLI (network-admin@Leaf1) > admin-syslog-create name log-all scope fabric host 172.16.21.76

To display the configuration use the admin-syslog-show command:

CLI (network-admin@Leaf1) > admin-syslog-show

name    scope   host           port   message-format

-----   -----   ------------   ----   ---------------

log-all fabric  172.16.21.67   514    legacy

 To specify sending the syslog messages in structured format, per RFC5424, add the message-format option to the configuration.

CLI (network-admin@Leaf1) > admin-syslog-modify name log-all message-format structured

You can also modify the port that the service listens on to another port. More than one syslog listening service can be configured and appropriate syslog messages are sent to each one.

By default, all log messages are forwarded to syslog servers. To filter the log messages, use the msg-level option to specify the severity or other options:

CLI (network-admin@Leaf1) > admin-syslog-match-add syslog-name log-all name critical-msgs msg-level critical

You can modify syslog matching using the admin-syslog-match-modify command, or remove matching criteria using the admin-syslog-match-remove command.

To display the configuration, use the show command:

CLI (network-admin@Leaf1) > admin-syslog-match-show

syslog-name       msg-level      name
----------        ---------      -----

log-all           critical       critical-msgs