Forum Discussion
Raj_Zucre_Ramir
Nimbostratus
NimbostratusSyslog to Remote Server
Hi!
I want to send critical messages such as hardware failures and virtual servers down to the remote syslog server:
Could you please provide the exact syntax?
Example of logs we like to filter.
Pool member x.x.x.x:xxxx monitor status down.
info mcpd[4415]: 01070638:6: Per-invocation log rate exceeded; throttling.
No members available for pool
What I have is only:
config b syslog list all syslog { authpriv from notice authpriv to emerg cron from warning cron to emerg daemon from notice daemon to emerg include none kern from notice kern to emerg mail from notice mail to emerg messages from notice messages to warning userlog from notice userlog to emerg remote server none }
I'm using 8900 with 10.1.0
Thanks!
2 Replies
- Hi Raj,
There are a couple ways to do this. If you want to send everything to a remote syslog server you'll need to get a shell on the box and edit /etc/syslog-ng/syslog-ng.conf. You'll need to add this line to the log facility destination in question:*.* @
If you need to do anything more complex, syslog-ng's configuration guide has details for expanding beyond the basic.
If you want to do it from an iRule for a specific event, you can follow the syntax laid out in this wiki article: http://devcentral.f5.com/wiki/default.aspx/iRules/log.html
Hope this helps. Happy logging!
-George - JRahm
Admin
askf5 has a good remote syslog article for the different big-ip versions:
https://support.f5.com/kb/en-us/solutions/public/5000/500/sol5527.html?sr=1 Click Here
