Command Line Interface Reference Guide > The Configuration Menu > /cfg/sys/syslog System Host Log Configuration
/cfg/sys/syslog
System Host Log Configuration
Alteon supports the RFC 3164 standard for syslogs.
 
[Syslog Menu]
sesslog - Session Log Menu
hst1 - Set first syslog host
hst2 - Set second syslog host
hst3 - Set third syslog host
hst4 - Set fourth syslog host
hst5 - Set fifth syslog host
hst6 - Set sixth syslog host
format - Set the syslog format
proto - Set the protocol version for the syslog transport
     console - Enable/disable console output of syslog messages
log - Enable/disable syslogging of features
audit - Enable/disable Audit Trail
email - Enable/disable emailing the syslog messages
extdlog - Enable/disable extended info in syslog messages
cur - Display current syslog settings
 
System Configuration Menu Options (/cfg/sys/syslog) 
Command Syntax and Usage
sesslog
 
Displays the Session Log menu. To view this menu, see /cfg/sys/syslog/sesslog Session Log Menu.
hst<1-6> <Syslog Server IP (v4 or v6)> <Severity[0-7]> <facility[0-7]><module [all|grpmng|grpsys|grpnw|grpslb|grpsec|fastview|ha|appsvc|audit|bgp|cli|console|filter|gslb|ip|ipv6|mgmt|ntp|ospf|ospfv3|ratelim|rmon|security|slb|slb_atk|ssh|stp|syn+atk|system|vlan|vrrp|web]><port[1-65535]>
 
The severity level is the lowest severity messages that Alteon sends to the syslog server:
*0 (Emergency) — The system is unusable.
*1 (Alert) — Corrective action must be taken immediately.
*2 (Critical) — The condition of the system is critical.
*3 (Error) — The system has errors that should be corrected.
*4 (Warning) — The system is sending a warning.
*5 (Notice) — The condition of the system is normal, but with significant conditions that need attention.
*6 (Informational) — The system is working, but sending information about certain unfavorable conditions.
*7 (Debug) — The system is sending debug-level messages.
The module specifies to send syslog messages generated by a specific module or module group to the specified syslog server.
If one of the module groups is specified, messages generated by all the modules included the group, as follows, are enabled for logging and routed to the syslog server:
*grpslb — Application Delivery group (includes: SLB, GSLB, Filters, and FastView)
*grpmng — Management group (includes: Management ,CLI, SSH, NTP, Web, HTTP Error, Configuration, and Audit)
*grpnw — Network Group (includes: STP, VLAN, VRRP, BGP, IP, TCP rate limiting, OSPF, RMON, IPv6, OSPFv3, VA auto IP, and HA)
*grpsec — Security Group (includes: Syn Attack, SLB attack, and Security)
*grpsys — System group (includes: Console, System, and Server Port Link)
Note: On an Alteon VX, only the following module values are available: [all|grpmng|grpsys|audit|cli|console|mgmt|ntp|ssh|stp|system|web]
format bsd-syslog | ietf-syslog
 
Sets the syslog format supported.
Values: bsd-syslog-rfc3164, ietf-syslog-rfc5424
Default: bsd-syslog-rfc3164
Example–BSD format:
PRI HEADER (timestamp host) Msg <189>2020-01-2O T23:19:46-08:00 10.175.105.107 NOTICE AlteonOS <mgmt>: Failed login attempt via SSH from host 10.188.14.8. user maint
Example–IETF format:
PRI VERSION ISOTIMESTAMP HOSTNAME APPLICATION PID MESSAGEID [STRUCTURED-DATA] MSG <189>1 2020-01-2O T23:19:46-08:00 10.175.105.107 mgmt - - - NOTICE : Failed login attempt via SSH from host 10.188.14.8. user maint
Note: The IETF format is not supported for defense messaging or for AppWall syslog messages.
console disable|enable
 
Enables or disables delivering syslog messages to the console. When necessary, disabling the console ensures Alteon is not affected by syslog messages.
Default: enable
log <feature|all enable|disable>
 
Displays a list of features for which syslog messages can be generated.
/cfg/sys/syslog/log - displays the list of the features for which the logging is enabled and for which logging is disabled.
/cfg/sys/syslog/log all - displays the current status of ALL the features that are being logged. Hence, only when logging of ALL the features are enabled it will be shown as "enabled". Even if any one of the feature's logging is disabled, it will be shown as "disabled".
In addition, you can enable or disable specific features (such as NTP, VLANs, GSLB, filtering), or enable or disable the syslog on all available features.
For example, /cfg/sys/syslog/log ntp dis will disable the NTP logging.
audit disable|enable
 
Enables or disables the logging of details of all configuration changes to the syslog server.
Default: disable
Note: Even if this audit command is disabled, all configuration changes are logged in an internal file (part of the tsdump).
Radware recommends that you do not configure multiple parameters in the same CLI command line when this option is enabled.
Note: Enabling this feature may increase the Management Processor (MP) CPU usage temporarily if the configuration changes are very large.
email
 
Enables or disables e-mailing syslog messages. When enabled, sets the minimum severity for the events that Alteon reports by e-mail, the sender (from) e-mail address, and recipient (to) e-mail address.
Default: disable
Note: Once the To/From e-mail addresses have been set, you cannot remove the e-mail address as long as the e-mail is enabled. To remove the e-mail address, you have to set this parameter to disabled and set the To/From e-mail addresses as none.
extdlog
 
Enables or disables extended information in the syslog messages.
If enabled, the time stamp in the MP and SP-generated syslog messages includes the year and the UTC timezone offset.
If disabled, only the month and day are displayed.
Values: enable, disable
Default: enable
cur
 
Displays the current syslog settings.