Wireless Access

Reply
Occasional Contributor II

Audit-trail to syslog

Hello, I’m attempting to have audit-trail entries sent to my syslog server. I generate new audit-trail events just fine but do not see them go to my syslog server.  I’m on AOS 3.4.5.0.

 

This thread: http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-audit-trail-all/m-p/971

 

And KB article 1097 both say it is possible to do this so I’m hoping an extra set of eyes will see the issue that I do not.

 

My configuration looks like:

 

logging level notifications system subcat configuration

logging xxx.xxx.xxx.xxx system

 

                                                                                                              

(MasterAruba6000) #show logging level verbose

 

LOGGING LEVELS

--------------

Facility  Level          Sub Category   Process

--------  -----          ------------   -------

network   warnings       N/A            N/A

security  warnings       N/A            N/A

system    warnings       N/A            N/A

system    notifications  configuration  N/A

user      warnings       N/A            N/A

wireless  warnings       N/A            N/A

 

 

Thanks, I’d appreciate some help if you have done this.

 

 

Guru Elite

Re: Audit-trail to syslog


scottwe wrote:

Hello, I’m attempting to have audit-trail entries sent to my syslog server. I generate new audit-trail events just fine but do not see them go to my syslog server.  I’m on AOS 3.4.5.0.

 

This thread: http://community.arubanetworks.com/t5/Command-of-the-Day/COTD-audit-trail-all/m-p/971

 

And KB article 1097 both say it is possible to do this so I’m hoping an extra set of eyes will see the issue that I do not.

 

My configuration looks like:

 

logging level notifications system subcat configuration

logging xxx.xxx.xxx.xxx system

 

                                                                                                              

(MasterAruba6000) #show logging level verbose

 

LOGGING LEVELS

--------------

Facility  Level          Sub Category   Process

--------  -----          ------------   -------

network   warnings       N/A            N/A

security  warnings       N/A            N/A

system    warnings       N/A            N/A

system    notifications  configuration  N/A

user      warnings       N/A            N/A

wireless  warnings       N/A            N/A

 

 

Thanks, I’d appreciate some help if you have done this.

 

 


I have logging working to syslog with the config below:

 

(host) (config) #show logging level verbose

LOGGING LEVELS
--------------
Facility Level Sub Category Process
-------- ----- ------------ -------
network warnings N/A N/A
security warnings N/A N/A
security warnings ids N/A
security warnings ids-ap N/A
system warnings N/A N/A
user warnings N/A N/A
wireless warnings N/A N/A

 

You can only get the audit trail sent by sending the whole log to a syslog server like this:

 

logging 192.168.1.244

 

Keeping everything on warnings amounts to having the most quiet syslog.

 

If you want to log even show commands you can execute "audit-trail all"

 

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Audit-trail to syslog

Thanks! I am getting audit-trail messages with the configuration you show. I was trying to only send the audit-trail messages to the server by trimming it down to "system > configuration" but I guess messages do not work like that?

Guru Elite

Re: Audit-trail to syslog

You are correct. It only works that way.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: