Configuring a syslog server

Configuring a remote log server to send Sentry syslog data is a two step process and requires the following:

1. Adding a syslog server
2. Enabling log data

To view Sentry facility configuration see:

Displaying syslog configuration

Adding a syslog server

To add or edit a syslog server, type the following command in CONFIG mode:

syslog <server> [port] <protocol> <facility> <log-level> [state]

To delete a syslog server, type the following command in CONFIG mode:

no syslog <server> [port]

Table 61.   Adding a syslog server

Parameter

Description

server

IP address or hostname of the syslog server.

port

Syslog server port.

Use port 514 if you are adding Monitor.

If the port number is not provided, the default port 514 is used.

protocol

Protocol of the syslog server. The options are:

UDP

TCP

facility

Type of log messages sent to the syslog server. The options are:

general

health-monitor

audit

log-level

Minimum severity level of log messages to be sent. The options are:

emerg

alert

crit

err

warning

notice

info

debug

CLI does not limit log-level by the facility choice.

state

State of the syslog server. The options are:

enable

disable

If state is not specified, syslog is enabled by default.

Enabling log data

After adding a syslog server, you need to also enable the log data for the facility you selected for the syslog server. Sentry forwards the log data that is enabled to the syslog server. General log data is enabled by default. No additional action is required if you chose General facility when you added the syslog server.

To enable log data for the facility, enter the following command in CONFIG mode:

sentry {audit | health-monitor}

Table 62.   Enabling log data

Feature

Command

Enable sentry audit log data

sentry audit

Enable sentry health monitoring

sentry health-monitor

Disable sentry audit

no sentry audit

Disable sentry health monitoring

no sentry health-monitor

Displaying syslog configuration

To view syslog server facility configuration use the following commands in EXEC or PRIVILEGED mode:

Table 63.   Displaying syslog configuration

Feature

Command

Display syslog configuration

show logging

Display sentry audit configuration

show sentry audit config

Display sentry health monitoring

show sentry health-monitor

Example

sentry# show logging

+-----------------------------+-------+----------+-----------------+-----------+--------

Hostname / IP Address + Port + Protocol + Facility Type + Log Level + State

+-----------------------------+-------+----------+-----------------+-----------+--------

app1111.auto1.mycompany.com 514 UDP health-monitor info enable