OOBC system prerequisites

You must ensure that the configuration of devices, OOBC and syslogd meets certain requirements in order to allow communication between these components. Devices need to send syslog messages when their configuration is changed, and send the syslog messages in a format that will be parsable by the OOBC daemon.

Communication prerequisites

The sample OOBC default configuration file described in OOBC default configuration file contains the following configuration:
"
</log-pattern>
<!-- this pattern matches the most common log messages like
Apr 17 11:53:24 test_3-2 12984: Apr 17 07:52:23.318 %SYS-5-CONFIG_I: Configured from console by cisco on console
-->
<log-pattern actionName="ConfigSyncIn" uowPriority="LOW" notifyName="
FileNotifier">
<pattern>([A-S][a-u][by]\
s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+\[?([\.A-Za-z0-9_-
]+)\]?[\.\S+]*\s+.*?SYS-5-CONFIG_I:\s(Configured\
sfrom.*by\s(.*)\s+on\s(.*$))</pattern>
"
In order to produce syslog messages in the format above, the configuration for a Cisco device, for example, must contain the following line:
service timestamps log datetime
In order to send the message to the syslog daemon, logging for the Cisco has to be configured at 'notification' level, and the IP address of the syslog server must be provided in the device configuration, as in the following examples:
logging buffered 4096 notifications
logging 192.168.30.112
In this example 4096 is the size of the log, and 192.168.30.112 is the IP address of the syslog server.