mksyslogserver

Use the mksyslogserver command to create a syslog server to receive notifications.

Syntax

Read syntax diagramSkip visual syntax diagram mksyslogserver -nameserver_name -ipip_address_or_domain_name-facilityfacility-erroronoff-warningonoff-infoonoff-auditoffon-loginoffon-protocoludptlstcp-portport_number-cadfonoff

Parameters

-name server_name
(Optional) Specifies a unique name to assign to the syslog server. If a name is not specified, then a system default of syslogn is applied, where n is the ID of the server. When specifying a server name, syslog is a reserved word.
-ip ip_address_or_domain_name
(Required) Specifies the Internet Protocol (IP) address or domain name of the syslog server. The IP address must be a valid IPv4 or IPv6 address, or a fully qualified domain name. If you specify a domain name, a DNS server must be configured on your system. You can use the mkdnsserver command to configure DNS servers.
-facility facility
(Optional) Specifies the facility number used in syslog messages. This number identifies the origin of the message to the receiving server. Servers configured with facility values of 0 - 3 receive syslog messages in concise format. Servers configured with facility values of 4 - 7 receive syslog messages in fully-expanded format. The default value is 0.
-error on | off
(Optional) Specifies whether the server receives error notifications. Set to on, error notifications are sent to the syslog server. Set to off, error notifications are not sent to the syslog server. The default value is on.
-warning on | off
(Optional) Specifies whether the server receives warning notifications. Set to on, warning notifications are sent to the syslog server. Set to off, warning notifications are not sent to the syslog server. The default value is on.
-info on | off
(Optional) Specifies whether the server receives information notifications. Set to on, information notifications are sent to the syslog server. Set to off, information notifications are not sent to the syslog server. The default value is on.
-audit on | off
(Optional) Specifies whether the server receives CLI audit logs. The default value is off.
-login on | off
(Optional) Specifies whether the server receives authentication logs. The default value is off.
-protocol udp |tls|tcp
(Optional) Specifies the communication protocol that is used by this server. The default value is udp.
-port port_number
(Optional) Specifies the communication port that is used by this server. You cannot use this parameter unless -protocol is specified. This number must be in the range of 1 - 65535. The default value is 514 for udp and 6514 for tcp.
-cadf on | off
(Optional) Specifies that Cloud Auditing Data Federation (CADF) data reporting be turned on or off. Only cloud account create, update, removal and cloud backup activity syslog notifications sent to the server are formatted to the CADF standard. This parameter is mutually-exclusive with -facility.

Description

This command creates a syslog server to receive notifications. The syslog protocol is a client-server standard for forwarding log messages from a sender to a receiver on an IP network. Syslog can be used to integrate log messages from different types of systems into a central repository.

-login messages are sent to the authpriv facility on the remote syslog server and -audit messages are sent to facility.notice level (where facility is what's being selected when you create the syslog server and level is always notice).

For syslog servers, SNMP servers, and email users with type set to local, the valid combinations of notification types are:
  • error, warning, and info
  • error and warning

An invocation example

mksyslogserver -ip 1.2.3.4

The resulting output:

Syslog Server id [2] successfully created