Wired Intelligent Edge (Campus Switching and Routing)

 View Only
last person joined: one year ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of HPE Aruba Networking switching devices, and find ways to improve security across your network.
Back to Library

ArubaOS-Switch – How To Configure Syslog Messaging To Report Running Configuration Changes 

Apr 27, 2020 10:38 AM

Requirement:

ArubaOS Switch



Solution:

In the following example, switch Rack2sw1 is configured to send an event message to the Syslog host when the running configuration is changed.



Configuration:

Rack2sw1(config)# logging 10.250.101.177
Rack2sw1(config)# logging notify running-config-change transmission-interval 2



Verification

Rack2sw1# show syslog notifications

 Syslog Notifications Information

  Type                                     | Status     TX Interval
  ------------------------------------ + ------------ ------------
  Running Config Change    | Enabled  2

Rack2sw1# show syslog config

 Syslog Configuration

 Syslog Facility : user
 Syslog Severity : debug
 Syslog System Module : all-pass
 Syslog Priority Description :

 Syslog Server Details

  Syslog Server Address/Host Name                      L4     Port    Syslog Control Descr   PerIp
  -----------------------------------                                        ---     ------    --------------------               -----
  10.250.101.177                                                        UDP 514                                             No

 

---------- Testing -----------


Core-Switch(config)# interface 26 name NewName


---------- Syslog Received Message ----------

    
<12>Apr 26 00:47:10 10.250.101.169 notice: Notice-Type='Running Config Change',Event-ID='3165',Config-Method='CLI',Device-Name='Rack2sw1',User-Name='manager',Remote-IP-Address='127.0.0.1'    10.250.101.169    25/04 17:51:26.582    


---------- Wireshark Trace ----------
    

Ethernet II, Src: HewlettP_b4:84:40 (54:80:28:b4:84:40), Dst: HewlettP_ea:30:08 (ac:e2:d3:ea:30:08)
Internet Protocol Version 4, Src: 10.250.101.169, Dst: 10.250.101.177
User Datagram Protocol, Src Port: 514, Dst Port: 514
Syslog message: USER.WARNING: Apr 26 00:53:21 10.250.101.169 notice: Notice-Type='Running Config Change',Event-ID='3169',Config-Method='CLI',Device-Name='Rack2sw1',User-Name='manager',Remote-IP-Address='127.0.0.1'
    0000 1... = Facility: USER - random user-level messages (1)
    .... .100 = Level: WARNING - warning conditions (4)
    Message: Apr 26 00:53:21 10.250.101.169 notice: Notice-Type='Running Config Change',Event-ID='3169',Config-Method='CLI',Device-Name='Rack2sw1',User-Name='manager',Remote-IP-Address='127.0.0.1'
        Syslog timestamp (RFC3164): Apr 26 00:53:21
        Syslog hostname: 10.250.101.169
        Syslog process id: notice
        Syslog message id: : Notice-Type='Running Config Change',Event-ID='3169',Config-Method='CLI',Device-Name='Rack2sw1',User-Name='manager',Remote-IP-Address='127.0.0.1'


---------- Local Testing ----------


Rack2sw1# debug ip packet
Rack2sw1# debug destination buffer
Rack2sw1# show debug

 Debug Logging

  Source IP Selection: Outgoing Interface
  Origin identifier: Outgoing Interface IP
  Destination:
   Memory buffer

  Time-stamp: System-Uptime

  Enabled debug types:
   ip packet

Rack2sw1# configure terminal
Rack2sw1(config)# interface 26 name New-Name

Rack2sw1# show debug buffer | include 10.250.101.177

0023:02:00:23.23 IP  InetServer:s=10.250.101.169 d=10.250.101.177(vl1000) xmit

Statistics
0 Favorited
12 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.