NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

ONTAP Discussions

Syslog 7-Mode transition to C-Mode

darraghos
2,064 Views

Hi guys, on our 7-mode heads we head the following Syslog config: 

 

# Log messages of priority warning or higher to the console and all messages of info or higher to /etc/messages log file.
# By default, informational messages are logged to the console which is annoying and intrusive when you are using the console for administrative purposes.
*.warning /dev/console
*.info /etc/messages

 

# Log all syslog messages and auditlog messages to a remote syslog server for historical analysis and audting.
*.info;kern.* @10.1.1.1
cmdsaudit.auditlog @10.1.1.1

 

We also audited the use of read-only APIs. This worked really well and from our SIEM (collecting these syslogs) and we could basically see all API calls and all logosn as well as all message being logged. How can we setup same for C-mode clusters ?

0 REPLIES 0
Public