Logs Based on Severity Levels

While configuring Syslog export on the device, you can filter using severity levels for logs/events to export to the Syslog server. You may configure severity levels as critical, major, or minor. The default severity level is minor.
When you set a severity level for a device, logs and events for the selected severity level and higher are exported to the Syslog server. For example, if the chosen severity level is major, then all major and critical events and logs will be forwarded to the Syslog server.
Sample Message Formats for Events & Logs
A sample message format for events (Alerts and Alarms) sent to a Syslog server.
Feb 14 10:38:11 172.20.75.186 alert: CLOUDGENIX_HOST="ion7k-Hub" DEVICE_TIME="2018-02-14T10:36:49.000" STATUS="Not cleared" CODE="DEVICESW_GENERAL_PROCESSRESTART"SEVERITY="minor" PROCESS_NAME="event_forward" ELEMENT_ID="15174644824510129"Feb 14 10:38:11 172.20.75.186 alert: CLOUDGENIX_HOST="ion7k-Hub" DEVICE_TIME="2018-02-14T10:37:22.000" STATUS="Not cleared" CODE="DEVICESW_GENERAL_PROCESSRESTART"SEVERITY="minor" PROCESS_NAME="scm" ELEMENT_ID="15174644824510129"
A sample
Auth log
log sent to a Syslog server.
Feb 14 10:44:58 172.20.75.186 log: CLOUDGENIX_HOST="ion7k-Hub" DEVICE_TIME="2018-02-14T10:44:58.881Z" MSG="sshd-login keyboard-interactive/pam" SEVERITY="minor"PROCESS_NAME="sshd" FACILITY="auth" USER="elem-admin" ELEMENT_ID="15174644824510129"

Recommended For You