Hello,
I am running a graylog server to collect syslogs from multiple servers and am now playing with the idea of adding our ProCurve switches to the mix.
Here is what I have done so far:
logging facility syslog
logging x.x.x.x
logging severity debug (which I assumed would include this level and above. ??)
debug destination logging
debug all (sans ip, ipv6, lldp to eliminate too much data as I am new to this and alone in this endeavor so I can only handle so much)
The graylog server is receiving syslog messages from the switch but it really isn't giving me much to work with . Examples:
auth: User 'X' logout
mgr: Startup configuration changed by CLI. New seq. number 77
What would be nice is to see such things as entered commands, e.g., wr mem, static route changes, etc.
I am working with a ProCurve 3500yl, software version K.15.13.0005
Any suggestions would be appreciated.
#logging#syslog