Outputting log information to a linux log host, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 87
76
Now, the system can record log information into the log file.
Outputting log information to a Linux log host
Network requirements
Configure the SecPath to send log information that has a severity level of at least information to the Linux
log host at 1.2.0.1/16.
Figure 27 Network diagram
Configuration procedure
Before the configuration, make sure that the SecPath and PC can reach each other. (Details not shown.)
1.
Configure the SecPath
# Enable the information center.
[SecPath] info-center enable
# Specify the host 1.2.0.1/16 as the log host. Use channel loghost to output log information
(optional, loghost by default), and use local5 as the logging facility.
[SecPath] info-center loghost 1.2.0.1 channel loghost facility local5
# Disable the output of log, trap, and debugging information of all modules on channel loghost.
[SecPath] info-center source default channel loghost debug state off log state off
trap state off
To avoid outputting unnecessary information, disable the output of log, trap, and debugging
information on the specified channel (loghost in this example) before you configure an output rule.
# Configure an output rule to output log information of all modules that has a severity of at least
information to the log host.
[SecPath] info-center source default channel loghost log level information state on
2.
Configure the log host
a.
Log in to the log host as a root user.
b.
Create a subdirectory named SecPath under directory /var/log/, and create file info.log
under the SecPath directory to save logs of SecPath.
# mkdir /var/log/SecPath
# touch /var/log/SecPath/info.log
c.
Edit file /etc/syslog.conf and add the following contents.
# SecPath configuration messages
local5.info /var/log/SecPath/info.log
In the above configuration, local5 is the name of the logging facility used by the log host to receive
logs. info is the information level. The Linux system will record the log information with severity
level equal to or higher than information to file /var/log/SecPath/info.log.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS