This document explains how to configure network devices such as switches, routers, or firewalls to send log messages to a monitoring server like BLËSK. Please note that the commands shown in this document may vary according to your device version and model.
Use Telnet or SSH to connect to your Switch/Router, then enter the following commands to enable and configure system log messages to be exported to your BLËSK server.
conf t
no service sequence-numbers
no service timestamps debug uptime
no service timestamps log uptime
logging trap warnings
logging x.x.x.x
exit
write mem
Note: The above commands will set it to log everything to the IP or hostname of the BLËSK Server.
Use Telnet or SSH to connect to your Firewall, then enter the following commands to enable and configure system log messages to be exported to your BLËSK server.
conf t
logging enable
logging host <interfacename> x.x.x.x
no logging timestamp
no logging device-id
logging trap alerts
logging facility 23
exit
write mem
Note: The above would set it to log everything to the IP of the BLËSK Server. <interfacename> represents the interface name on which you want to allow SNMP (e.g. Internet, outside, etc.).
Use Telnet or SSH to connect to your switch, then enter the following commands to enable and configure system log messages to be exported to your BLËSK server.
conf t
logging host <ip or hostname of monitoring server>
logging facility local7
logging buffered 100
logging enable user-login
logging enable config-changed
no logging buffered debugging
no logging buffered informational
exit
write mem
Note: The above commands will set it to log everything to the IP or host name of the BLËSK Server.
Use Telnet or SSH to connect to your switch, then enter the following commands to enable and configure system log messages to be exported to your BLËSK server.
configure
logging on
logging <ip or hostname of monitoring server>
exit
copy running-config startup-config
Note: The above commands will set it to log everything to the IP or hostname of the BLËSK Server.
Use Telnet or SSH to connect to your switch, then enter the following commands to enable and configure system log messages to be exported to your BLËSK server.
conf t
logging <ip or hostname of monitoring server>
logging facility syslog
exit
write mem
Note: The above commands will set it to log everything to the IP or host name of the BLËSK Server.
You'll need to use the CLI, as this option was removed from the GUI as of FortiOS v5.0. Enter the following commands to enable and configure system log messages to be exported to your BLËSK server.
config global
config log syslogd setting
set status enable
set server [ip.or.dns-name.here]
set port 513
end
Optionally, set the severity level of the messages you want to see:
config log syslogd filter
set severity warning
end
Windows doesn't come with software to export system logs externally. You have to find a third-party tool and install it to have your syslogs sent to an external host like BLËSK. Here is a page explaining how to install free software provided by us that is capable of doing the job.
To configure syslog servers for the cluster, use the following command.
/cfg/sys/syslog followed by: add x.x.x.x *
Note: x.x.x.x is the IP address of the syslog server (BLËSK). * is the facility — the local facility number, to uniquely identify syslog entries. We use * here to cover all facilities or all priorities.
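On the receiving side, every syslog message starts with a <PRI> value that encodes the facility and severity selected by commands such as "logging facility 23" and "logging trap warnings" above. The following Python sketch is an added example, not part of the original document or of BLËSK; it decodes that value and flags messages that do not match what a device was configured to send. The function names and sample messages are constructed for illustration, and the severity keywords follow the Cisco-style spelling used on this page.

```python
import re

# Facility and severity codes from RFC 3164 / RFC 5424, in numeric order.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]
SEVERITIES = ["emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging"]
PRI_RE = re.compile(r"^<(\d{1,3})>")

def decode_pri(datagram: bytes):
    """Return (facility, severity, message); PRI = facility * 8 + severity."""
    text = datagram.decode("utf-8", errors="replace")
    match = PRI_RE.match(text)
    if not match:
        raise ValueError("message has no <PRI> header")
    pri = int(match.group(1))
    if pri > 191:  # 23 * 8 + 7 is the largest valid value
        raise ValueError(f"PRI {pri} is out of range")
    facility, severity = divmod(pri, 8)
    return FACILITIES[facility], SEVERITIES[severity], text[match.end():]

def check(datagram: bytes, expected_facility: str, trap_level: str):
    """Compare one received message with the device's logging configuration."""
    facility, severity, _ = decode_pri(datagram)
    problems = []
    if facility != expected_facility:
        problems.append(f"facility {facility}, expected {expected_facility}")
    # A lower number is more severe; a trap level admits that level and below.
    if SEVERITIES.index(severity) > SEVERITIES.index(trap_level):
        problems.append(f"severity {severity} exceeds trap level {trap_level}")
    return problems

if __name__ == "__main__":
    # Constructed sample datagrams, not captured from a real device.
    samples = [
        (b"<185>constructed firewall alert", "local7", "alerts"),
        (b"<188>constructed switch warning", "local7", "warnings"),
        (b"<190>constructed informational message", "local7", "warnings"),
        (b"<44>constructed message, facility syslog", "local7", "warnings"),
    ]
    for raw, fac, level in samples:
        print(raw[:5], decode_pri(raw)[:2], check(raw, fac, level) or "ok")
```

Facility 23 corresponds to local7, so a firewall configured with "logging facility 23" and a switch configured with "logging facility local7" produce the same facility value in the header.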