Remote Log Server Configuration on ESW2-550X Switch

Objective

A log is a set of messages that describe system events. These logs can be very useful during troubleshooting. The logs are saved on the local memory of the device and also can be forwarded over the network to a remote log server. Logs on the remote log server serve as a backup and are useful during log merging and log analysis. This article explains how to add, edit and delete the configuration of the remote log server on the ESW2-550X series switches.

Applicable Devices

• ESW2-550X-48DC-R
• ESW2-550X-48-R

Software Version

• v1.2.9.44

Configuration of Remote Log Server

Step 1. Log in to the switch configuration utility and choose Administration > System Log > Remote Log Servers. The Remote Log Servers page opens:

 

The Remote Log Server Table displays the following information.

• Log Server — The IP address of the SNTP server.

• UDP Port — The UDP port number through which the log messages are sent.

• Facility — The facility number assigned to the remote log server.

• Description — The description of the remote log server.

• Minimum Severity — The severity level of the log message. 

Add Remote Log Server

 

Step 1. Click Add. The Add Remote Log Server window appears.

 

Step 2. Click the radio button according to the desired method by which the server is identified in the Server Definition field.

• By IP address — Indicates that the remote log server is identified by its IP address.

• By name — Indicates that the remote log server is identified by name.

Step 3. Click the desired IP version radio button.

• Version 6 — Denotes the IPv6 address type.

• Version 4 — Denotes the IPv4 address type.

Step 5. (Optional) If the Version 6 IP address type is chosen, click the desired IPv6 address type.

• Link Local — The IPv6 address uniquely identifies hosts on a single network link.

• Global — The IPv6 address is a global unicast that is visible and reachable from other networks.

Step 6. (Optional) If the Link Local IPv6 address type is chosen, choose the link local interface from the Link Local Interface drop-down list.

 

Step 6. Enter either the IP address or the name of the remote log server in the Log Server IP Address/Name field.

Step 7. Enter the UDP port number in the UPD Port field to which the log messages are sent. The default is 514.

Step 8. Choose a facility from the Facility drop-down list. A facility is a user-defined application from which system logs are sent to the server. Only one facility can be assigned to a single server. If a second facility level is assigned then the first one will be overridden. All applications defined for a device utilize the same facility on a server. The possible field values are Local 0 to Local 7. The default field value is Local 7.

Step 9. Enter the description of the server in the Description field.

Step 10. Choose from the Minimum Severity drop-down list the minimum severity level of the log messages that are to be sent to the remote server. The Minimum Severity drop-down list has the following event severity levels which are listed from the highest severity to the lowest severity.

• Emergency — System is not usable and system would need immediate attention.

• Alert — Action is needed.

• Critical — System is in a critical condition.

• Error — System is in error condition.

• Warning — System warning has occurred.

• Notice — System is functioning properly, but a system notice has occurred.

• Informational — Device Information.

• Debug — Detailed information about an event is given out.

Step 11. Click Apply. The Remote Log Servers page opens again and displays the new server.

Edit Remote Log Server

Step 1. Check the required configuration that tyou want to configure and then click Edit. The Edit Remote Log Server window appears.

Step 2. Choose the previously chosen log server IP Address from Log Server IP Address drop-down list.

Step 3. Enter the UDP port number in the UDP Port field to which the log messages are sent. The default is 514.

Step 4. Choose a facility from the Facility drop-down list. It is a user-defined application from which system logs are sent to the server. Only one facility can be assigned to a single server. If a second facility level is assigned then the first one will be overridden. All applications defined for a device utilize the same facility on a server. The possible field values are Local 0 to Local 7. The default field value is Local 7.

Step 5. Enter the description of the server in the Description field.

Step 6. Choose from the Minimum Severity drop-down list the minimum severity level of the log messages that are to be sent to the remote server. The Minimum Severity drop-down list has the following event severity levels which are listed from the highest severity to the lowest severity.

• Emergency — System is not usable and system would need immediate attention.

• Alert — Action is needed.

• Critical — System is in a critical condition.

• Error — System is in error condition.

• Warning — System warning has occurred.

• Notice — System is functioning properly, but a system notice has occurred.

• Informational — Device Information.

• Debug — Detailed information about an event is given out.

Step 7. Click Apply. The Remote Log Servers page opens again and displays the edited server configuration.

Delete Remote Log Server

Step 1. Check the required configuration that the user wants to delete and then click Delete button. The configuration is removed and the Remote Log Servers page opens again.