Description
This article provides a general guide of how to override the syslog general settings so that a specific VDOM can send logs to a different syslog server.
This also applies when it is needed for just one VDOM to be able to send logs to a syslog server.
Solution
From the CLI, execute the following commands:
# conf vdom
edit "VDOM_NAME"
# conf log syslogd override-setting
set override enable
set status enable
set server x.x.x.x <----- Where x.x.x.x is the IP address of syslog server.
set port 514
set source-ip x.x.x.x <----- Optional to specify the source IP from where the connections will originate.
end
In 6.4.x, to enable syslog server override under VDOM.
From the CLI, execute the following command.
# config vdom
edit "VDOM_NAME"
# config log setting
set syslog-override enable
end
When syslog-override is enabled, the following CLI commands are available for configuring VDOM override:
To configure VDOM override for a syslog server:
1) Configure the syslog override settings.
# config log syslogd/syslogd2/syslogd3/syslogd4 override-setting
set status enable
set server x.x.x.x <----- Where x.x.x.x is the IP address of syslog server.
set port 514
set source-ip x.x.x.x <----- Optional to specify the source IP from where the connections will originate.
end
2) Configure the override filters.
# config log syslogd/syslogd2/syslogd3/syslogd4 override-filter
set severity information
set forward-traffic enable
set local-traffic enable
set multicast-traffic enable
set sniffer-traffic enable
set anomaly enable
set voip enable
set dns enable
set ssh enable
set ssl enable
end
The change can now be verified from GUI.
