User's Manual
condition <expression>
domain <name>
enable
match {ipaddr <expression> | mac <expression> | user <expression>}
position <position>
set {blacklist | role <role>}
For example:
esi parser rule forti_virus
condition "log_id=[0-9]{10}[ ]"
match "src=(.*)[ ]"
set blacklist
enable
Showing ESI syslog parser rule information:
show esi parser rules
Deleting a syslog parser rule:
no esi parser rule <rule-name>
Editing an existing syslog parser rule
esi parser rule <rule-name>
condition <expression>
domain <name>
enable
match {ipaddr <expression> | mac <expression> | user <expression>}
no
position <position>
set {blacklist | role <role>}
Testing a parser rule
esi parser rule <rule-name>
test {file <filename> | msg <message>}
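An offline check of the forti_virus example rule, added here as an illustration and not taken from the manual. It uses Python's re module as a stand-in for the controller's regular-expression engine (an assumption), constructed sample messages, and a hypothetical tighter match expression, to show what the capture group extracts before a rule is enabled with a blacklist action.

```python
import ipaddress
import re

CONDITION = r"log_id=[0-9]{10}[ ]"     # condition expression from the example rule
MATCH_FROM_PAGE = r"src=(.*)[ ]"       # match expression from the example rule
MATCH_TIGHT = r"src=([0-9.]+)[ ]"      # assumption: tighter alternative, not from the manual

# Constructed sample messages (not real gateway output).
SHORT_MSG = "log_id=0100030101 src=10.1.1.5 "
LONG_MSG = "log_id=0100030101 src=10.1.1.5 dst=10.2.2.2 status=blocked"
NO_COND_MSG = "log_id=12345 src=10.1.1.5 "


def extract(condition, match, message):
    """Return the raw text of capture group 1, or None if the rule does not fire."""
    if re.search(condition, message) is None:
        return None                    # condition not met: rule is skipped
    found = re.search(match, message)
    return found.group(1) if found else None


def blacklist_target(condition, match, message):
    """Return the captured value only if it parses as an IP address."""
    value = extract(condition, match, message)
    if value is None:
        return None
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return None                    # capture is not a usable address
    return value


if __name__ == "__main__":
    for msg in (SHORT_MSG, LONG_MSG, NO_COND_MSG):
        for name, expr in (("page", MATCH_FROM_PAGE), ("tight", MATCH_TIGHT)):
            raw = extract(CONDITION, expr, msg)
            ok = blacklist_target(CONDITION, expr, msg)
            print(f"{name:5} raw={raw!r} usable={ok!r}")
```

With a greedy `(.*)`, the capture runs to the last space in the message, so a message carrying further fields after `src=` yields a value that is not an address. Run the same messages through the rule's test command on the controller to confirm how its engine behaves.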
Monitoring Syslog Parser Statistics
The following sections describe how to monitor syslog parser statistics using the WebUI and CLI.
In the WebUI
You can monitor syslog parser statistics in the External Servers monitoring page, accessed by selecting
Monitoring > Switch > External Services Interface > Syslog Parser Statistics.
The Syslog Parser Statistics view displays statistics such as the number of matches and number of users per
rule, as well as the number of respective actions fired by the syslog parser.
The Syslog Parser Statistics view also displays the last refresh time stamp and includes a Refresh Now button, to
allow the statistics information to be refreshed manually. There is no automatic refresh on this page.
In the CLI
show esi parser stats
Sample Route-mode ESI Topology
This section introduces the configuration for a sample route-mode topology using the controller and Fortinet
Anti-Virus gateways. In route mode, the trusted and untrusted interfaces between the controller and the
Fortinet gateways are on different subnets. The following figure shows an example route-mode topology.
Dell Networking W-Series ArubaOS 6.4.x | User Guide External Services Interface | 1004