Configure SYSLOG

Refer to the following table for descriptions of the options in the Syslog Properties dialog.

Attribute	Description
Admin State	Specifies whether syslog is to be enabled or disabled for this NE. Enabled Disabled (default)
Destinations
IP/Hostname	Specify the IP address (static or dynamic) or the hostname of the syslog server. Multiple syslog servers can be specified. Note: If an IPv4 address is used, it MUST be in the format of the dotted decimal notation. If an IPv6 address is used, a valid textual representation MUST be used,
Destination Configuration
Admin State	Specify whether the syslog Destination Configuration is to be enabled or disabled. Enabled (default) Disabled
Protocol	Specify the transport protocol to be used for syslog. UDP (default) sends out messages randomly to the syslog server. TCP sends out and receives messages bi-directionally to the syslog server TLS uses a trusted Certificate of Authority for security key, which is encrypted and is the most reliable transport for messages sent to the syslog server. Note: TLS protocol is recommended because the Certificate of Authority acts as a trusted host.
Port	Specifies the default port number to send syslog messages to the syslog server for the selected transport protocol. Any port number can be used; but the following are recommended. 514 – UDP (default) port sends out messages 6514 – TCP port sends and receives messages 6514 – TLS port sends messages that can be encrypted and uses a Certificate of Authority as a trusted host.
Facility Mapping
Class	Specifies the class of facility mapping that is to be captured. Each Class must have a specified facility value. Multiple Facility Mappings can be specified. • ALARM (default) • AUTH • CLI • DEBUG • DNLD • EVENT • EXCEPT • INFO • PLATFM • OTHERS
Facility	Specifies the facility mapping criteria for each Class that is to be captured. Each Facility must have a specified Class value. Multiple Facility Mappings can be specified. • kernel(0) (default) – Kernel messages • user(1) – User-level messages • mail(2) – Mail system • daemon(3) – System daemons • authorization(4) – Security/authorization messages • syslog(5) – Messages generated internally by the syslog daemon (syslogd) • line-printer(6) – Line printer subsystem • news(7) – Network news subsystem • uucp(8) – UUCP subsystem • clock(9) – Clock daemon • authorization-privilege(10) – Security/authorization messages • ftp(11) – FTP daemon • ntp(12) – NTP daemon • audit(13) – Log audit • alert(14) – Log alert • cron(15) – Clock daemon (note 2) • local0(16) – Local use 0 • local1(17) – Local use 1 • local2(18) – Local use 2 • local3(19) – Local use 3 • local4(20) – Local use 4 • local5(21) – Local use 5 • local6(22) – Local use 6 • local7(23) – Local use 7
Filter
Level	Specifies the Filter Level characteristic to be applied. Each Level must have a corresponding Class applied. Multiple Filters can be specified. • emergency(0) (default) – System is unusable • alert(1) – Action must be taken immediately • critical(2) – Critical conditions • error(3) – Error conditions • warning(4) – Warning conditions • notification(5) – Normal but significant condition • information(6) – Informational messages • debug(7) – Debug-level messages
Class	Specifies the Filter Class characteristic to be applied. Each Class must have a corresponding Level applied. Multiple filters can be specified. • None (default) • ALARM • AUTH • CLI • DEBUG • DNLD • EVENT • EXCEPT • INFO • PLKTFM
Message IDs	Identifies the type of message. For example, a firewall might use the MSGID "TCPIN" for incoming TCP traffic and the MSGID "TCPOUT" for outgoing TCP traffic. Messages with the same MSGID should reflect events of the same semantics. The MSGID itself is a string without further semantics. It is intended for filtering messages from a relay or collector.

Use the following procedure to view or configure syslog.

Go to Devices and select an OLT (e.g. DallaCorpOLT1-2), click Properties in the Menu Bar, Select SYSLOG on the Property's dropdown list.
In the Admin State section, select the state: Enable Admin state (Default).

Disable Admin state.

Enter the IP/Hostname of the Syslog server by clicking the Add (+) icon to add the IP addresses to the IP/Host List shown on the right. The IP/Hostname identifies the source syslog server.

P/Hostname is active with Admin permissions

Click the Remove icon to delete the IP addresses in the IP/Host List.
In the Destination Configuration section, select the state:

Enable (Default).
Disable

After setting up the Syslog configuration, click the Apply Changes button to update changes to the syslog server.
Click the Refresh button to update changes to the syslog display.
In the Transport Layer Mapping area, select the Protocol from the dropdown list to be used as the transport layer mechanism. Each protocol provides different levels of transport reliability and are categorized as:
1. UDP (Default) - protocol transport that sends out basic messages.
2. TCP - protocol transport that sends messages bidirectionally.
3. TLS - protocol transport that sends messages utilizing the Certificate of Authority for trusted hosts and encryption. This is the most recommended of transport mechanisms for this purpose.
Enter the Port number that defines the default port that sends syslog messages to the syslog server:
1. 514 – UDP (Default)
2. 6514 – TCP
3. 6514 – TLS (recommended)
In the Facility Mapping area, click the Add Facility button.
Select the Facility Class from the drop-down list.
Select the Facility from the drop-down list.
Select from Actions to Save Facility Mapping or Cancel Facility Mapping.
In the Filters section, click the Add Filter button.
Select the Level from the drop-down list.
Select the Log Class from the drop-down list.
Enter a user-defined message to Message ID.
Select from Actions to Save Filters or Cancel Filters.