Wireless Access

Audit-trail to syslog

  • 1.  Audit-trail to syslog

    Posted Jan 31, 2012 02:56 PM

    Hello, I’m attempting to have audit-trail entries sent to my syslog server. I generate new audit-trail events just fine but do not see them go to my syslog server. I’m on AOS 3.4.5.0.

    This thread: http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-audit-trail-all/m-p/971

    And KB article 1097 both say it is possible to do this so I’m hoping an extra set of eyes will see the issue that I do not.

    My configuration looks like:

    logging level notifications system subcat configuration
    logging xxx.xxx.xxx.xxx system

    (MasterAruba6000) #show logging level verbose

    LOGGING LEVELS
    --------------
    Facility  Level          Sub Category   Process
    --------  -----          ------------   -------
    network   warnings       N/A            N/A
    security  warnings       N/A            N/A
    system    warnings       N/A            N/A
    system    notifications  configuration  N/A
    user      warnings       N/A            N/A
    wireless  warnings       N/A            N/A

    Thanks, I’d appreciate some help if you have done this.


  • 2.  RE: Audit-trail to syslog
    Best Answer

    EMPLOYEE
    Posted Feb 01, 2012 06:47 AM

    @scottwe wrote:

    Hello, I’m attempting to have audit-trail entries sent to my syslog server. I generate new audit-trail events just fine but do not see them go to my syslog server. I’m on AOS 3.4.5.0.

    This thread: http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-audit-trail-all/m-p/971

    And KB article 1097 both say it is possible to do this so I’m hoping an extra set of eyes will see the issue that I do not.

    My configuration looks like:

    logging level notifications system subcat configuration
    logging xxx.xxx.xxx.xxx system

    (MasterAruba6000) #show logging level verbose

    LOGGING LEVELS
    --------------
    Facility  Level          Sub Category   Process
    --------  -----          ------------   -------
    network   warnings       N/A            N/A
    security  warnings       N/A            N/A
    system    warnings       N/A            N/A
    system    notifications  configuration  N/A
    user      warnings       N/A            N/A
    wireless  warnings       N/A            N/A

    Thanks, I’d appreciate some help if you have done this.


    I have logging working to syslog with the config below:

    (host) (config) #show logging level verbose

    LOGGING LEVELS
    --------------
    Facility  Level     Sub Category  Process
    --------  -----     ------------  -------
    network   warnings  N/A           N/A
    security  warnings  N/A           N/A
    security  warnings  ids           N/A
    security  warnings  ids-ap        N/A
    system    warnings  N/A           N/A
    user      warnings  N/A           N/A
    wireless  warnings  N/A           N/A

    You can only get the audit trail sent by sending the whole log to a syslog server like this:

    logging 192.168.1.244

    Keeping everything on warnings amounts to having the most quiet syslog.

    If you want to log even show commands you can execute "audit-trail all".


  • 3.  RE: Audit-trail to syslog

    Posted Feb 02, 2012 10:37 AM

    Thanks! I am getting audit-trail messages with the configuration you show. I was trying to only send the audit-trail messages to the server by trimming it down to "system > configuration" but I guess messages do not work like that?



  • 4.  RE: Audit-trail to syslog

    EMPLOYEE
    Posted Feb 02, 2012 10:40 AM
    You are correct. It only works that way.
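
Because the controller can only forward the whole log, separating the audit trail has to happen on the syslog server. The following is an added example of that collector-side split, not code from the thread or from Aruba; the RFC 3164 line layout, the `COMMAND:` marker, the addresses and the sample lines are assumptions constructed for illustration and must be checked against what the controller actually sends.

```python
import re

# RFC 3164 line as a collector stores it: <PRI>timestamp host message
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$"
)
# ASSUMPTION: audit-trail entries carry a "COMMAND:" marker. Adjust this
# pattern to the text your controller really emits.
AUDIT_MARKER = re.compile(r"\bCOMMAND:")
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def parse(line):
    """Return a dict for a well-formed line, or None if it does not parse."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # valid PRI: facility 0-23, severity 0-7
        return None
    return {"facility": pri >> 3, "severity": SEVERITIES[pri & 7],
            "host": m.group("host"), "msg": m.group("msg")}

def split_audit(lines, controller):
    """Split one controller's messages into (audit, other); count skipped lines."""
    audit, other, skipped = [], [], 0
    for line in lines:
        rec = parse(line.rstrip("\n"))
        if rec is None or rec["host"] != controller:
            skipped += 1  # malformed, or sent by a different host
            continue
        (audit if AUDIT_MARKER.search(rec["msg"]) else other).append(rec)
    return audit, other, skipped

# Constructed sample input, not captured from a real controller.
SAMPLE = [
    "<141>Feb  1 06:47:10 192.0.2.10 fpcli: USER:admin@192.0.2.50 COMMAND:<logging 192.0.2.20> -- command executed successfully",
    "<140>Feb  1 06:47:12 192.0.2.10 stm[1432]: constructed non-audit warning",
    "<141>Feb  1 06:47:15 192.0.2.10 fpcli: USER:admin@192.0.2.50 COMMAND:<show logging level verbose> -- command executed successfully",
    "<38>Feb  1 06:47:20 192.0.2.99 sshd[811]: constructed line from another host",
    "not a syslog line",
]

if __name__ == "__main__":
    audit, other, skipped = split_audit(SAMPLE, "192.0.2.10")
    for rec in audit:
        print(rec["severity"], rec["msg"])
    print(len(other), "other,", skipped, "skipped")
```

Counting skipped lines rather than dropping them silently makes it visible when the marker or layout assumption stops matching the controller's output.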