ONTAP Discussions

Configure important EMS events to forward notifications to a syslog server with customization Port

Naresh_T
1,316 Views

How to Configure important EMS events to forward notifications to a syslog server with customization Port

3 REPLIES 3

shaneo
1,258 Views

To log notifications of the most severe events on a syslog server, you must configure the EMS to forward notifications for events that signal important activity.

What you’ll need

DNS must be configured on the cluster to resolve the syslog server name.

About this task

If your environment does not already contain a syslog server for event notifications, you must first create one. If your environment already contains a syslog server for logging events from other systems, then you might want to use that one for important event notifications.

You can perform this task any time the cluster is running by entering the commands on the ONTAP command line.

Steps
  1. Create a syslog server destination for important events:

    event notification destination create -name syslog-ems -syslog syslog-server-address

  2. Configure the important events to forward notifications to the syslog server:

    event notification create -filter-name important-events -destinations syslog-ems

RossC
1,246 Views

@shaneo One thing to note about those documented steps is there is no command / flag to put in a custom port. 

 

Take a look at https://community.netapp.com/t5/ONTAP-Discussions/Syslog-custom-port/m-p/163997 and you might get a clearer picture. Seems custom ports aren't actually supported or something along those lines.

 

So in the mentioned thread they used iptables to work around it, you could also maybe consider using a proxy of some kind to re-route the requests. 

Naresh_T
1,245 Views

@RossC Thanks for sharing the link. Let us try to configure the IPset+IPtables for routing to a different port or proxy server. 

 

Public