You can send the Event log to one or more syslog servers on the network for storage or analysis.
To configure the syslog facility, go to Events > Syslog
On this page:
Refer to this table for assistance when configuring Syslog settings:
|Field||Field description||Usage tips|
|Host address 1 to 4||
Enter the IP addresses of up to four Syslog receiver hosts.
The number of packets sent to each configured host will be displayed next to its IP address.
A configurable value for the purposes of identifying events from the IP VCR on the Syslog host. Choose from the following options:
Choose a value that you will remember as being the IP VCR.
Note 1 - Various operating system daemons and processes have been found to utilize Facilities 4, 10, 13 and 14 for security/authorization, audit, and alert messages which seem to be similar.
Note 2 - Various operating systems have been found to utilize both Facilities 9 and 15 for clock (cron/at) messages.
Processes and daemons that have not been explicitly assigned a Facility value may use any of the "local use" facilities (16 to 21) or they may use the "user-level" facility (1) - and these are the values that you can select.
The events that are forwarded to the syslog receiver hosts are controlled by the capture filter.
To define a syslog server, simply enter its IP address and then click Update syslog settings. The number of packets sent to each configured host is displayed next to its IP address.
Note: Each event will have a severity indicator as follows:
|(c) Copyright Codian 2003-2008, License information|