Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

351

352

353

354

355

356

357

358

359

360

Syslog Components and Their Use

March 15, 2011 Page 3 of 13

todisplaymessagesatavarietyofdifferentseveritylevelsaboutapplication‐relatederror

conditionsoccurringonthedevice.

Youcandecidetohaveallmessagesstoredlocally,aswellastohaveallmessagesofahigh

severityforwardedtoanotherdevice.Youcanalsohavemessagesfromaparticular

facilitysentto

someoralloftheusersofthedevice,anddisplayedonthesystemconsole.Forexample,youmay

wantallmessagesthataregeneratedbythemailfacilitytobeforwardedtooneparticularSyslog

server.Howeveryoudecidetoconfigurethedispositionoftheeventmessages,

theprocessof

havingthemsenttoaSyslogcollectorgenerallyconsistsof:

• Determiningwhichmessagesatwhichseveritylevelswillbeforwarded.

• Definingoneormoreremotereceivers(Syslogservers/consoledisplays).

Filtering by Severity and Facility

Syslogdaemonsdeterminemessageprioritybyfilteringthembasedonacombinedfacilityand

severitycode.SeverityindicatestheseriousnessoftheerrorconditiongeneratingtheSyslog

message.Thisisavaluefrom1to8,with1indicatinghighestseverity.Facilitycategorizeswhich

functionalprocessisgeneratinganerrormessage.

TheEnterasysimplementationusestheeight

facilitydesignationsreservedforlocaluse:local0–local7definedinRFC3164.Youcanmodify

thesedefaultfacilityandseverityvaluestocontrolmessagereceiptandaidinmessagesortingon

targetservers.

Forexample,youcanconfigureallroutermessagestogo

toServer1usingfacilitylocal1,whileall

SNMPmessagesgotoServer1usingfacilitylocal2.

ThefollowingsectionsprovidegreaterdetailonmodifyingkeySyslogcomponentstosuityour

enterprise.

Syslog Components and Their Use

Table 1describestheEnterasysimplementationofkeySyslogcomponents.

Table 1 Syslog Terms and Definitions

Term Definition Enterays Usage

Facility Categorizes which functional

process is generating an error

message. Syslog combines

this value and the severity

value to determine message

priority.

Enterasys uses the eight facility designations reserved for

local use: local0 – local7. Default is local4, which allows

the message severity portion of the priority code to be

visible in clear text, making message interpretation

easiest. For more information about facility designations,

refer to RFC 3164.