Data ONTAP Discussions

Highlighted

Syslog Port

Is is possible to change the destination port used for a notification destination in C-Mode 9.3?
4 REPLIES

Re: Syslog Port

Hi,

 

You can verify your current Syslog settings using:

cluster log-forwarding show

 

You can have up to 10 Syslog destinations and port, using a similar command:

cluster log-forwarding create -destination <ip-address> -port <port> -facility <facility>

For example:

cluster log-forwarding create -destination 100.64.1.1 -port 514 -facility user

cluster log-forwarding create -destination 100.64.1.1 -port 6666 -facility user

cluster log-forwarding create -destination 100.64.1.1 -port 7777 -protocol tcp-unencrypted -facility user 

cluster log-forwarding create -destination 100.64.1.1 -port 8888 -protocol tcp-encrypted -facility user 

 

or use cluster log-forwarding modify  command (to change an existing setting) 

 

Which end up looking like:

100.64.1.1      514   UDP-UNENCRYPTED  

100.64.1.1      6666   UDP-UNENCRYPTED  

100.64.1.1     7777  UDP-UNENCRYPTED

100.64.1.1     8888  TCP-ENCRYPTED

 

If you have not set-up you Syslog server and it is not currently accepting connections on the random port, you can use the -force flag to skip server connectivity verification. 

 

please also see: https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-279ACA3C-00D2-490C-BEE9-C05625A550B1.html

 

Thanks

Re: Syslog Port

Is this the audit logs? I meant the events i.e. messages logs Smiley Happy Thanks for the info though.

Re: Syslog Port

Your welcome and you are correct,

 

Messages would be the event notification and event notification destination show/create/ modify. 

 

In the past, it was not possible to use a non-standard port other than UDP 514 for event messages without a hack, which may not be supported.  Re: KB  FA1163 

 

Will look into if this has changed or if you can add the port using ":8888" for example. Thanks.

Re: Syslog Port

Thanks Smiley Happy
Forums