Active IQ Unified Manager Discussions
Have configured WFA syslog with INFO level.
In syslog.conf, was able to see very detailed messaged comming in with a tail -f ( login, all the commands executed in a workflow, etc ) using *.info .
The * is the facility.
As we are not using rsyslog but the old syslog, does anyone know the facility WFA uses?
Thanks in advance.
Here in WFA we have tested with “Kiwi Syslog server”.
Was the kiwi syslog shared with other applications?
Looking for the facility as we don't have rsyslog, but the old syslog with fixed facilities.
Kiwi Syslog was not shared with other applications.
I am starting to believe that this will work only with rsyslog for non-standalone syslogs.
Standalone syslog is not an option in production.
Honestly, I'm still not able to understand your problem.
What exactly are you trying to achieve and what issues are you facing?
If you can elaborate, it will help me try to solve it.
I am trying to configure syslog.conf in a Linux server , which I have already configured in the WFA Administration->Syslog
The linux server has the syslogd and not the rsyslogd ( so we only have access to fixed syslog facilities )
The syslog.conf has a configuration that is similar to <FACILITY>.<SEVERITY> /var/log/file_name.log
So if we configure for example *.info /var/log/wfa.log we receive the syslogs from WFA
The problem is that a syslog server in production is usually shared with other applications and appliances.
So for example in a netapp filer, an authentication issue is configured as a LOCAL7 severity, then in syslog.conf, you configure local7.* /var/log/netapp_authentication .
The facilities as you can see are used to separate application or appliances in the same syslog server.
That is why I was asking the FACILITY WFA uses so we could try <WFA_FACILITY>.INFO /var/log/wfa.log
Thanks in advance!
I'll get back to you on this. Im not sure I have the right answers at the monent.
Thanks Sinha, will await for your response. Thanks in advance.