Configuration manual

Fixed Switch Configuration Guide

Chapter 14: Configuring Syslog
This chapter describes how System Logging, or Syslog, operates on Enterasys fixed stackable and
standalone switches, and how to configure Syslog.
System Logging Overview
Syslog, short for System Logging, is a standard for forwarding log messages in an IP network that
is typically used for network system management and security auditing. The term often applies to
both the actual Syslog protocol and the application sending Syslog messages.
As defined in RFC 3164, the Syslog protocol is a client/server-type protocol which enables a station
or device to generate and send a small textual message (less than 1024 bytes) to a remote receiver
called the Syslog server. Messages are transmitted using User Datagram Protocol (UDP) packets
and are received on UDP port 514. These messages report simple changes in operational
status or warn of more severe issues that may affect system operations.
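The receiving side of the exchange described above, as an added example that is not part of the original guide: a Python parser for an RFC 3164 datagram that decodes the priority value and flags oversize or malformed input, plus a loopback round trip over UDP. The sample messages, the host name switch01 and the function names are constructed for illustration.

```python
import re
import socket

MAX_LEN = 1024  # RFC 3164 packet size limit
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
# <PRI>, then "Mmm dd hh:mm:ss", hostname, and the free-form message text
RFC3164 = re.compile(
    r"^<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) (\S+) (.*)$", re.S)

def parse_datagram(data: bytes) -> dict:
    """Decode one syslog datagram; flag anything a collector should not trust."""
    record = {"oversize": len(data) > MAX_LEN, "valid": False}
    text = data[:MAX_LEN].decode("ascii", errors="replace")
    m = RFC3164.match(text)
    if not m or int(m.group(1)) > 191:  # PRI = facility * 8 + severity, max 23*8+7
        record["raw"] = text
        return record
    facility, severity = divmod(int(m.group(1)), 8)
    # The host field is sender-supplied text; UDP gives no proof of origin.
    record.update(valid=True, facility=facility, severity=SEVERITIES[severity],
                  timestamp=m.group(2), host=m.group(3), message=m.group(4))
    return record

def loopback_roundtrip(payload: bytes) -> dict:
    """Send payload over UDP on 127.0.0.1 and parse what the receiver gets."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as server, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        server.bind(("127.0.0.1", 0))  # ephemeral port; a real server listens on 514
        server.settimeout(2)
        client.sendto(payload, server.getsockname())
        data, _addr = server.recvfrom(2048)
    return parse_datagram(data)

# Constructed sample messages (not taken from a real switch)
SAMPLE = b"<165>Oct 11 22:14:15 switch01 CLI[5]: User admin logged in from 10.0.0.5"
GARBAGE = b"no priority field here"

if __name__ == "__main__":
    for msg in (SAMPLE, GARBAGE, SAMPLE + b"x" * 1000):
        print(loopback_roundtrip(msg))
```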
When managed properly, logs are the eyes and ears of your network. They capture events and
show you when problems arise, giving you information you need to make critical decisions,
whether you are building a policy rule set, fine-tuning an Intrusion Detection System, or
validating which ports should be open on a server. However, since it is practically impossible to
wade through the volumes of log data produced by all your servers and network devices, Syslog’s
ability to place all events into a single format so they can be analyzed and correlated makes it a
vital management tool. Because Syslog is supported by a wide variety of devices and receivers
across multiple platforms, you can use it to integrate log data from many different types of
systems into a central repository.
Efficient Syslog monitoring and analysis reduce system downtime, increase network
performance, and help tighten security policies. They can help you:
• Troubleshoot switches, firewalls and other devices during installation and problem
  situations.
• Perform intrusion detection.
• Track user activity.
Sections in this chapter:
• System Logging Overview
• Syslog Operation
• Syslog Components and Their Use
• Interpreting Messages
• About Security Audit Logging
• Configuring Syslog