ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

Syslog forwarding - which LIF is the source

kombayn
‎2024-03-14 03:51 AM
1,739 Views

Hello

I'm troubleshooting connectivity to syslog server and I can still see:


EMS::SYSLOG_HANDLER: Cannot send an ems message to syslog destination: x.x.x.x Reason: cannot add the destination to the syslog_client. Error: Failed to connect: Operation timed out

Ping to syslog destination is working. Firewall is opened between cluster_mgmt LIF and syslog destination, so it leads me to confirm if really a cluster_mgmt is the source LIF that sends the logs or maybe node management LIFs are sending the logs - can anyone confirm? I've tried to find this information in documentation but I couldn't.

0 Kudos
1 ACCEPTED SOLUTION

Ontapforrum
‎2024-03-19 04:16 PM
1,416 Views

It uses Node Management interface (for ASUP, time-sync, SNMP, SYSLOG)

Check the ROUTE. Ensure Node_mgmt LIF can reach to Syslog via the configured route.

This KB might help:
https://kb.netapp.com/onprem/ontap/os/Events_not_sent_to_syslog_server_due_to_network_routes

View solution in original post

0 Kudos
2 REPLIES 2

Ontapforrum
‎2024-03-19 04:16 PM
1,417 Views

It uses Node Management interface (for ASUP, time-sync, SNMP, SYSLOG)

Check the ROUTE. Ensure Node_mgmt LIF can reach to Syslog via the configured route.

This KB might help:
https://kb.netapp.com/onprem/ontap/os/Events_not_sent_to_syslog_server_due_to_network_routes

0 Kudos

chenguanghui
Thursday
109 Views

hello:

  A TCP/TLS connection has been attempted, but the system log server has not received any response for a long time. There may be an incorrect route configuration or the firewall may be dropping the traffic without sending any response.
1. Check if the FQDN or IP address you entered for the system log server is correct.
2. For each listed node, please check the grid network subnet list, management network subnet list, and client network gateway. Confirm that these ports are configured to route traffic to the system log server through the network interface and gateway (grid, management, or client) that the system log server will access.
3. Confirm that the firewall is not blocking IP and port access to the system log server for TCP/TLS connections from the listed nodes.

0 Kudos
Announcements
All Community Forums
Public