ONTAP Discussions

Syslog Port

Is is possible to change the destination port used for a notification destination in C-Mode 9.3?

Re: Syslog Port




You can verify your current Syslog settings using:

cluster log-forwarding show


You can have up to 10 Syslog destinations and port, using a similar command:

cluster log-forwarding create -destination <ip-address> -port <port> -facility <facility>

For example:

cluster log-forwarding create -destination -port 514 -facility user

cluster log-forwarding create -destination -port 6666 -facility user

cluster log-forwarding create -destination -port 7777 -protocol tcp-unencrypted -facility user 

cluster log-forwarding create -destination -port 8888 -protocol tcp-encrypted -facility user 


or use cluster log-forwarding modify  command (to change an existing setting) 


Which end up looking like:      514   UDP-UNENCRYPTED      6666   UDP-UNENCRYPTED     7777  UDP-UNENCRYPTED     8888  TCP-ENCRYPTED


If you have not set-up you Syslog server and it is not currently accepting connections on the random port, you can use the -force flag to skip server connectivity verification. 


please also see: https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-sag/GUID-279ACA3C-00D2-490C-BEE9-C05625A550B1.html



Re: Syslog Port

Is this the audit logs? I meant the events i.e. messages logs 🙂 Thanks for the info though.

Re: Syslog Port


Your welcome and you are correct,


Messages would be the event notification and event notification destination show/create/ modify. 


In the past, it was not possible to use a non-standard port other than UDP 514 for event messages without a hack, which may not be supported.  Re: KB  FA1163 


Will look into if this has changed or if you can add the port using ":8888" for example. Thanks.

View solution in original post

Re: Syslog Port

Thanks 🙂
Earn Rewards for Your Review!
GPI Review Banner
All Community Forums