To log notifications of the most severe events on a syslog server, you must configure the EMS to forward notifications for events that signal important activity.
What you’ll need
DNS must be configured on the cluster to resolve the syslog server name.
About this task
If your environment does not already contain a syslog server for event notifications, you must first create one. If your environment already contains a syslog server for logging events from other systems, then you might want to use that one for important event notifications.
You can perform this task any time the cluster is running by entering the commands on the ONTAP command line.
Steps
Create a syslog server destination for important events:
event notification destination create -name syslog-ems -syslog syslog-server-address
Configure the important events to forward notifications to the syslog server:
event notification create -filter-name important-events -destinations syslog-ems