Data ONTAP Discussions

Syslog Port

Is is possible to change the destination port used for a notification destination in C-Mode 9.3?

Re: Syslog Port



You can verify your current Syslog settings using:

cluster log-forwarding show


You can have up to 10 Syslog destinations and port, using a similar command:

cluster log-forwarding create -destination <ip-address> -port <port> -facility <facility>

For example:

cluster log-forwarding create -destination -port 514 -facility user

cluster log-forwarding create -destination -port 6666 -facility user

cluster log-forwarding create -destination -port 7777 -protocol tcp-unencrypted -facility user 

cluster log-forwarding create -destination -port 8888 -protocol tcp-encrypted -facility user 


or use cluster log-forwarding modify  command (to change an existing setting) 


Which end up looking like:      514   UDP-UNENCRYPTED      6666   UDP-UNENCRYPTED     7777  UDP-UNENCRYPTED     8888  TCP-ENCRYPTED


If you have not set-up you Syslog server and it is not currently accepting connections on the random port, you can use the -force flag to skip server connectivity verification. 


please also see:



Re: Syslog Port

Is this the audit logs? I meant the events i.e. messages logs Smiley Happy Thanks for the info though.

Re: Syslog Port

Your welcome and you are correct,


Messages would be the event notification and event notification destination show/create/ modify. 


In the past, it was not possible to use a non-standard port other than UDP 514 for event messages without a hack, which may not be supported.  Re: KB  FA1163 


Will look into if this has changed or if you can add the port using ":8888" for example. Thanks.

Re: Syslog Port

Thanks Smiley Happy
Try the new BETA Support Site!
Beta Support Site