Syslog Components and Their Use

Syslog Terms and Definitions describes the Extreme Networks implementation of key Syslog components.

Click to expand in new window

Syslog Terms and Definitions

Term Definition Extreme Networks Usage
Facility Categorizes which functional process is generating an error message. Syslog combines this value and the severity value to determine message priority. Extreme Networks uses the eight facility designations reserved for local use: local0 – local7. Default is local4, which allows the message severity portion of the priority code to be visible in clear text, making message interpretation easiest. For more information about facility designations, refer to RFC 3164.
Severity Indicates the severity of the error condition generating the Syslog message. The lower the number value, the higher will be the severity of the condition generating the message. Extreme Networks devices provide the following eight levels:
  • 1 - emergencies (system is unusable)
  • 2 - alerts (immediate action required)
  • 3 - critical conditions
  • 4 - error conditions
  • 5 - warning conditions
  • 6 - notifications (significant conditions)
  • 7 - informational messages
  • 8 - debugging messages

    The default Syslog configuration allows applications (log message sources) to forward messages at a severity level of 6, and destinations (console, file system, or remote Syslog servers) to log messages at a severity level of 8.

Note: Numerical values used in Extreme Networks syslog CLI and the feature's configuration MIB range from 1-8. These map to the RFC 3164 levels of 0-7 respectively. Syslog messages generated report the RFC 3164 specified level values.
Application Client software applications running on devices that can generate Syslog messages. Extreme Networks supported applications and their associated CLI mnemonic values include:
  • CLI - Command Line Interface
  • SNMP - Simple Network Management Protocol
  • Webview - Extreme Networks Web-based system management
  • System - System messages
  • RtrFe - Router Forwarding Engine
  • Trace - Trace logging
  • RtrLSNat - Load Share Network Address Translation
  • FlowLimt - Flow limiting
  • UPN - User Personalized Networks
  • AAA - Authentication, Authorization and Accounting

    Use the show logging application all command to list supported applications and the corresponding CLI numeric or mnemonic values you can use to configure application logging on your devices.

Syslog server A remote server configured to collect and store Syslog messages. Extreme Networks devices allow up to 8 server IP addresses to be configured as destinations for Syslog messages. By default, Syslog server is globally enabled, with no IP addresses configured, at a severity level of 8.