The syslog protocol allow devices to send event notification messages across IP networks to event message collectors, also known as syslog servers.
A maximum of 4 syslog servers can be configured on any SLX device. These servers can have IPV4 or IPV6 address and reside in mgmt-vrf, default-vrf or user defined VRF. The logging syslog-server command enables the syslog event capturing on the syslog server. The IP address and VRF-name are configurable parameters.
Jun 2 09:17:42 MMVM raslogd: [log@1588 value="AUDIT"][timestamp@1588 value="2016-06- 02T09:17:42.428106"][tz@1588 value="GMT"][msgid@1588 value="DCM- 1006"][severity@1588 value="INFO"][class@1588 value="DCMCFG"][user@1588 value="admin"][role@1588 value="admin"][ip@1588 value="127.0.0.1"][interface@1588 value="console"][application@1588 value="cli"][swname@1588 value="SLX9540"][arg0@1588 value="database commit transaction" desc="Event Name"][arg1@1588 value="Succeeded" desc="Command status"][arg2@1588 value=""configure config snmp-server location "EMIS Rack 11-1""" desc="ConfD hpath string"] BOMEvent: database commit transaction, Status: Succeeded, User command: "configure config snmp-server location "EMIS Rack 11-1"".
Jun 2 09:17:42 MMVM raslogd: [log@1588 value="RASLOG"][timestamp@1588 value="2016-06- 02T09:17:42.420216"][msgid@1588 value="SNMP-1005"][seqnum@1588 value="1071"][attr@1588 value=" M1 | Active | WWN 10:00:00:27:fffffff8:fffff[severity@1588 value="INFO"][swname@1588 value="MMVM"][arg0@1588 value="sysLocation" desc="Changed attribute"][arg1@1588 value="has changed from [End User Premise.] to [EMIS Rack 11-1]" desc="String Value"] BOMSNMP configuration attribute, sysLocation, has changed from [End User Premise.] to [EMIS Rack 11-1].
For more information on Syslog messages, refer to the Extreme SLX-OS Message Reference Guide.