chsyslogserver

Use the chsyslogserver command to modify the parameters of an existing syslog server.

Syntax

Read syntax diagramSkip visual syntax diagram chsyslogserver -nameserver_name-ipip_address_or_domain_name-facilityfacility-erroronoff-warningonoff-infoonoff-auditoffon-loginoffon-protocoludptlstcp-portport_number-cadfonoffsyslog_server_namesyslog_server_id

Parameters

-name server_name
(Optional) Specifies a name to assign to the syslog server. The name must be unique. When specifying a server name, syslog is a reserved word.
-ip ip_address_or_domain_name
(Optional) Specifies an IP address or a fully qualified domain name to assign to the syslog server. The IP address must be a valid IPv4 or IPv6 address or a fully qualified domain name. If you specify a domain name, a DNS server must be configured on your system. You can use the mkdnsserver command to configure DNS servers.
-facility facility
(Optional) Specifies a facility number to identify the origin of the message to the receiving server. Servers configured with facility values of 0 - 3 receive syslog messages in concise format. Servers configured with facility values of 4 - 7 receive syslog messages in fully-expanded format. This parameter is mutually-exclusive with -cadf.
-error on | off
(Optional) Specifies whether the server receives error notifications. Set to on, error notifications are sent to the syslog server. Set to off, error notifications are not sent to the syslog server.
-warning on | off
(Optional) Specifies whether the server receives warning notifications. Set to on, warning notifications are sent to the syslog server. Set to off, warning notifications are not sent to the syslog server.
-info on | off
(Optional) Specifies whether the server receives information notifications. Set to on, information notifications are sent to the syslog server. Set to off, information notifications are not sent to the syslog server.
-audit on | off
(Optional) Specifies whether the server receives CLI audit logs. The default value is off. These notifications are always sent as facility level 3 messages.
-login on | off
(Optional) Specifies whether the server receives authentication logs. The default value is off. These notifications are always sent as facility level 3 messages.
-protocol udp|tls|tcp
(Optional) Specifies the communication protocol that is used by this server. The default value is udp.
-port port_number
(Optional) Specifies the communication port that is used by this server. You cannot use this parameter unless -protocol is specified. This number must be in the range of 1 - 65535. The default value is 514 for udp and 6514 for tcp.
-cadf on | off
(Optional) Specifies that Cloud Auditing Data Federation (CADF) data reporting be turned on or off. Only cloud account create, update, removal and cloud backup activity syslog notifications sent to the server are formatted to the CADF standard. This parameter is mutually-exclusive with -facility.
syslog_server_name | syslog_server_id
(Required) Specifies the name or ID of the server to be modified.

Description

Use this command to change the settings of an existing syslog server. You must specify either the current name of the server or the ID returned at creation time. Use the lssyslogserver command to obtain this ID.

-login messages are sent to the authpriv facility on the remote syslog server and -audit messages are sent to facility.notice level (where facility is what's being selected when you create the syslog server and level is always notice).

For syslog servers, SNMP servers, and email users with type set to local, the valid combinations of notification types are:
  • -error, -warning, and -info
  • -error and -warning

If you disable CADF notifications for a syslog server that has CADF notification enabled, the facility value must be set to 0.

An invocation example

chsyslogserver -facility 5 2

The resulting output:

No feedback