Create Date: Jul 10 2013 6:16AM
Hi.
I have a query about syslog. I have followed the concepts guide and i've managed to get so far by creating my own event filter, which does seem to output more than the Default filter, but I am struggling to get futher. Basically, I would like syslog output to be the same as we can see in show log output
I have set up syslog output to a log host
The config is as follows:
create log filter AllEvents
configure log filter AllEvents add events All severity info
configure syslog add 192.168.1.1:514 vr VR-Default local7
enable log target syslog 192.168.1.1:514 vr VR-Default local7
configure log target syslog 192.168.1.1:514 vr VR-Default local7 filter AllEvents severity Info
configure log target syslog 192.168.1.1:514 vr VR-Default local7 match Any
configure log target syslog 192.168.1.1:514 vr VR-Default local7 format timestamp seconds date Mmm-dd event-name condition process-slot severity priority tag-name
So really what I hoped this would achieve is literally all events of Info or greater severity go to the log host.
However, for instance this morning there was a reboot scheduled. I can see in the syslog 2 lines showing the reboot. However in the sh log output it is much more verbose. Also I can't see things like STP changes in the syslog either, or the STP instance starting, etc.
On the other hand, I can see things in syslog such as SNTP updates, which do not appear in show log output.
What do I need to do to get more information to my log host?
Thanks
(from networkguy)
