ONTAP Discussions

Syslog Port

darraghos
Is is possible to change the destination port used for a notification destination in C-Mode 9.3?
1 ACCEPTED SOLUTION

philliphardynz

Your welcome and you are correct,

 

Messages would be the event notification and event notification destination show/create/ modify. 

 

In the past, it was not possible to use a non-standard port other than UDP 514 for event messages without a hack, which may not be supported.  Re: KB  FA1163 

 

Will look into if this has changed or if you can add the port using ":8888" for example. Thanks.

View solution in original post

4 REPLIES 4

philliphardynz

Hi,

 

You can verify your current Syslog settings using:

cluster log-forwarding show

 

You can have up to 10 Syslog destinations and port, using a similar command:

cluster log-forwarding create -destination <ip-address> -port <port> -facility <facility>

For example:

cluster log-forwarding create -destination 100.64.1.1 -port 514 -facility user

cluster log-forwarding create -destination 100.64.1.1 -port 6666 -facility user

cluster log-forwarding create -destination 100.64.1.1 -port 7777 -protocol tcp-unencrypted -facility user 

cluster log-forwarding create -destination 100.64.1.1 -port 8888 -protocol tcp-encrypted -facility user 

 

or use cluster log-forwarding modify  command (to change an existing setting) 

 

Which end up looking like:

100.64.1.1      514   UDP-UNENCRYPTED  

100.64.1.1      6666   UDP-UNENCRYPTED  

100.64.1.1     7777  UDP-UNENCRYPTED

100.64.1.1     8888  TCP-ENCRYPTED

 

If you have not set-up you Syslog server and it is not currently accepting connections on the random port, you can use the -force flag to skip server connectivity verification. 

 

please also see: https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-279ACA3C-00D2-490C-BEE9-C05625A550B1.html

 

Thanks

darraghos
Is this the audit logs? I meant the events i.e. messages logs 🙂 Thanks for the info though.

philliphardynz

Your welcome and you are correct,

 

Messages would be the event notification and event notification destination show/create/ modify. 

 

In the past, it was not possible to use a non-standard port other than UDP 514 for event messages without a hack, which may not be supported.  Re: KB  FA1163 

 

Will look into if this has changed or if you can add the port using ":8888" for example. Thanks.

View solution in original post

darraghos
Thanks 🙂
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public