Log target with match reqular expression

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
Hello,

I want to send special log events to a separate syslog facility (I want to grep special words in the log message).

I thought this can be realized with this command:

"conf log target syslog 192.168.1.1  vr "VR-Default" local7 match *info"

Where "info" can be any regex.

But I always get: "No targets were configured as none matched the given criteria!"


Tested on different XOS-Switches with Version 16.2.1.6 and 16.1.3.6

Any ideas?

Best regards
Stephan



Photo of SH

SH

  • 4,816 Points 4k badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Ronald Dvorak

Ronald Dvorak, Embassador

  • 50,114 Points 50k badge 2x thumb
Here a basic syslog setup of my switch - could you post your syslog configuration or did you only use that one command....

Photo of SH

SH

  • 4,816 Points 4k badge 2x thumb
Hello Ron,

sometimes one cannot see the wood for the trees.

The local7 sould be local1.

I saw it with your command: "sh log conf target syslog"

Now it works:


Here what I configured:


ena cli-config-logging


sh config | i syslog
configure syslog add 192.168.1.1:514 vr VR-Default local1
enable log target syslog 192.168.1.1:514 vr VR-Default local1
configure log target syslog 192.168.1.1:514 vr VR-Default local1 filter DefaultFilter severity Debug-Data
configure log target syslog 192.168.1.1:514 vr VR-Default local1 match facility
configure log target syslog 192.168.1.1:514 vr VR-Default local1 format timestamp seconds date Mmm-dd event-name none priority host-name tag-name
configure syslog add 192.168.1.1:514 vr VR-Default local7
enable log target syslog 192.168.1.1:514 vr VR-Default local7
configure log target syslog 192.168.1.1:514 vr VR-Default local7 filter DefaultFilter severity Debug-Data
configure log target syslog 192.168.1.1:514 vr VR-Default local7 match Any
configure log target syslog 192.168.1.1:514 vr VR-Default local7 format timestamp seconds date Mmm-dd event-name none priority host-name tag-name


and what I got:

If I "create vlan facility" I receive two syslog messages one for match facility and one for match any
If I "create vlan test" I received one syslog message for match any

That's  what I want.

Thank you Ron