Logs are not visible on syslog servers when log forwarding is enable for Brocade SAN switches

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 730

Visibility:: Public

Votes:: 0

Category:: fabric-interconnect-and-management-switches

Specialty:: brocade

Last Updated:

Applies to

Brocade switches
Third-party Syslog server

Issue

Brocade Logs are not visible on syslog servers.
Ensure there are no firewall issues.
Below steps can be performed to isolate the issue:

Schedule a maintenance window and then perform “hareboot” to restart all the switch services.
After the “hareboot” command, wait for about 5 minutes and check if the syslog server has received any messages from the switch.
If the problem persists, then perform the following steps:

Execute “syslogadmin --remove -ip 10.10.10.xxx”
Execute “syslogadmin --set -ip 10.10.10.xxx”
Execute “syslogadmin --set -facility 7”
Execute “syslogadmin --show –facility”
Execute “auditdump –s” and capture the outputs to a text file and save it as “auditdump.txt”

Note: 10.10.10.147 is syslog server ip

<< log snippet >

protocol.syslog:Any syslog.address.1:10.10.10.xxx

Parameter facility -> Displays the configured syslog facility.
Parameter --set -facility level -> sets the syslog facility. Valid levels are 0 through 7. The default is 7.

Refer: Brocade Fabric OS Command Reference Manual, 9.1.x

If the problem still persists, then execute “supportsave” to capture a supportSave
Additionally, collect the auditdump.txt for Brocade Support as mentioned above to analyze the issue further.