Configure Netscreen Syslog storage to the LinuxSyslog Server
Source: Internet
Author: User
Configure the syslogs of Netscreen to be stored on the Linux Syslog Server-Linux Enterprise Application-Linux server application. For details, see the following. When I went on a business trip to Hebei province two days ago to debug the Netscreen500 firewall of Juniper for a Netcom company, they asked me to store the logs recorded by the firewall to the log server created on the Linux platform, if you still have such information, we will discuss and share it with you. we will share with you how to configure Syslog.
Configure Netscreen Syslog storage to Linux Syslog Server
Store the Syslog information of the IDC firewall (x. x. x.65) to the Syslog server (x. x. x.116) to track the Firewall Status and Log check.
Syslog Server Configuration:
1. Configure Syslogd
Change the/etc/syslog. conf configuration file and add the following parts:
# Save Debug Message of Netscreen (x. x. x.65) to ns. log
Local1. */var/log/ns. log
Store the information of the local1 device (facility) in/var/log/ns. log. This configuration allows you to store the log information of different devices in different files for ease of viewing.
2. Configure logrotate
The logrotate program in Linux is used to poll log files. You can save multiple log files by specifying the file size, time, and other configurations.
Change the/etc/logratate. conf file and add the following parts:
/Var/log/ns. log {
Weekly
Rotate 10
}
Set the file ns stored in syslog. logs are saved every week. A total of 10 files are saved, that is, they are saved as ns in the first week. log. The file name of this week will be changed to ns by next Monday. log.1, and so on.
3. Restart syslogd
Service syslog restart
Netscreen Configuration:
1. View log levels
Get event level
You can see the current netscreen event level, for example:
Alert level 1: immediate action is required
Critical level 2: functionality is affected
Debug level 7: detailed information for troubleshooting
Emergency level 0: system is unusable
Error level 3: error condition
Information level 6: general information about operation
Notification level 5: normal events
Warning level 4: functionality may be affected
Select the desired level. Here we select the Debug information.
2. Configure Syslog
Set syslog config "x. x. x.116" "local7" "local1"
Set syslog enable
Set syslog traffic
The first is syslog configuration, which stores syslog data to x. x. x.116 is the syslog server, local7 (security facility) is the Debug Level we saw earlier, and local1 is the device (facility). Do you still remember the local1 we configured in linux syslog?
Second, enable syslog.
Article 3 record the traffic information in syslog.
3. Save it.
Save
View syslog:
If you want to view syslog data on the syslog server,/var/log/ns. log. If you want to view log information in real time, tail-f/var/log/ns. log
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.