OOBC system prerequisites
You must ensure that the configuration of devices, OOBC and syslogd meets certain requirements in order to allow communication between these components. Devices need to send syslog messages when their configuration is changed, and send the syslog messages in a format that will be parsable by the OOBC daemon.
Communication prerequisites
The sample OOBC
default configuration file described in OOBC default configuration file contains the following
configuration:
"
</log-pattern>
<!-- this pattern matches the most common log messages like
Apr 17 11:53:24 test_3-2 12984: Apr 17 07:52:23.318 %SYS-5-CONFIG_I: Configured from console by cisco on console
-->
<log-pattern actionName="ConfigSyncIn" uowPriority="LOW" notifyName="
FileNotifier">
<pattern>([A-S][a-u][by]\
s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+\[?([\.A-Za-z0-9_-
]+)\]?[\.\S+]*\s+.*?SYS-5-CONFIG_I:\s(Configured\
sfrom.*by\s(.*)\s+on\s(.*$))</pattern>
"
In order to produce syslog messages in the format
above, the configuration for a Cisco device, for example, must contain
the following line:
service timestamps log datetime
In
order to send the message to the syslog daemon, logging for the Cisco
has to be configured at 'notification' level, and the IP address of
the syslog server must be provided in the device configuration, as
in the following examples:
logging buffered 4096 notifications
logging 192.168.30.112
In this example 4096
is
the size of the log, and 192.168.30.112
is the IP
address of the syslog server.