Outputting log information to the console, Network requirements, Configuration procedure – H3C Technologies H3C SecPath F1000-E User Manual
Page 88
77
NOTE:
Be aware of the following issues while editing the file /etc/syslog.conf:
•
Comments must be on a separate line and must begin with a pound (#) sign.
•
No redundant spaces are allowed after the file name.
•
The logging facility name and the information level specified in the /etc/syslog.conf file must be
identical to those configured on the SecPath using the info-center loghost and info-center source
commands. Otherwise the log information may not be output properly to the log host.
d.
Display the process ID of syslogd, kill the syslogd process, and restart syslogd using the -r
option to make the modified configuration take effect.
# ps -ae | grep syslogd
147
# kill -9 147
# syslogd -r &
Make sure that the syslogd process is started with the -r option on a Linux log host.
After the above configurations, the system will be able to record log information into the log file.
Outputting log information to the console
Network requirements
Configure the SecPath to send ARP and IP log information that has a severity level of at least Information
to the console.
Figure 28 Network diagram
Configuration procedure
# Enable the information center.
[SecPath] info-center enable
# Use channel console to output log information to the console (optional, console by default).
[SecPath] info-center console channel console
# Disable the output of log, trap, and debugging information of all modules on channel console.
[SecPath] info-center source default channel console debug state off log state off trap
state off
To avoid outputting unnecessary information, disable the output of log, trap, and debugging information
of all modules on the specified channel (console in this example), and then configure the output rule as
needed.
# Configure an output rule to output to the console ARP and IP log information that has a severity level
of at least information. (Note that the source modules allowed to output information depend on the
SecPath model.)
[SecPath] info-center source arp channel console log level information state on
[SecPath] info-center source ip channel console log level information state on
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS