3 SpeedTouchTM610 Syslog
ApplicationNote Ed. 01 19
3.4 Remote Syslog Notification
Introduction As described before the SpeedTouchTM610 can be configured to send all or a selection
of generated syslog messages to a host on the local or a remote network IP address.
This section describes how to configure the SpeedTouchTM610 syslog daemon for
sending messages to a particular host.
Preconditions The host to send the syslog messages to, should have syslog daemon software installed
for capturing the messages, and a known, fixed IP address.
Syslog host on the local
network
By default, no traffic restrictions apply for the local network. Simply add a syslog rule via
the SpeedTouchTM610 syslog configuration web page or the CLI. Specify the IP address
of the host, and optionally refine the set of syslog messages to send.
Note You can specify one or a selection of (comma-seperated) or all facilities.
Specifying a severity actually means specifying to send syslog messages with a
severity as specified, and all messages with a higher severity.
For a priority listing see “ Syslog priority severities” on page 14.
The following example shows the configuration via the CLI for a syslog host on the local
“Net10” network with fixed IP address 10.0.0.1 to send all generated syslog messages
(all facilities, with severity debug and higher) to:
Syslog host on a
remote network
The default firewall rules do allow traffic from the SpeedTouchTM610 syslog daemon
towards the WAN due to following firewall rule in the source:
Therefore, no additional firewall configuration is needed in case you want to configure a
syslog host on a remote network
The example below shows the syslog rule to add for a syslog host with IP address
192.6.11.1, accessible via the separate management PVC with the Routed IPoA Packet
Service configuration in the 192.6.11.x/24 range of IP addresses. The local syslog host
(10.0.0.1), configured before (See “ Syslog host on the local network” ) will receive all
generated syslog messages; the remote syslog host only receives syslog messages from
all facilities with severity warning, error, critical, alert or emergency (all facilities, with
severity warning and higher):
=>syslog ruleadd
fac = all
sev = debug
dest = 10.0.0.1
:syslog ruleadd fac=all sev=debug dest=10.0.0.1
=>saveall
=>
:firewall rule create chain=source index=4 prot=udp dstport=syslog action=accept
=>syslog ruleadd fac=all sev=warning dest=192.6.11.1
=>
=>syslog list
1: all.debug 10.0.0.1
2: all.warning 192.6.11.1
=>
=>saveall
=>