Hi guys,
I don't have much experience with this kind of configuration for the OS switches so hopefully you can help me out.
I want to send logs about configuration changes, interface status, system events and similar to my SIEM via Syslog protocol. I used the following set of commands to make the configuration, but unfortunately cannot see any logs appearing in my destination server:
swlog appid ALL level warning
swlog output socket <SIEM-IP-address>
swlog remote command-log enable
swlog console level info
The output of show swlog is as follows:
-> show swlog
Operational Status : On,
Log Device 1 : flash,
Log Device 2 : console,
Log Device 3 : ipaddr <SIEM-IP-address>,
Syslog FacilityID : local0(16),
Remote command-log : Enabled,
Console Display Level : info (6),
All Applications Trace Level : warning (5)
Where am I going wrong?
Thank you!
Kind Regards,
Blagoja
SIEM integration via Syslog OS6450
Re: SIEM integration via Syslog OS6450
The config for syslog is okay. Are there any new messages with level warning or higher (which do you missed at your server) in the flash-output visible? Show log swlog
Otherwise you have to "create" some (f.e. login with wrong user/password)
For remote command-log maybe the following commands are necessary.
command-log enable
swlog output socket <SIEM-IP-address> remote command-log
If there are still no messages in SIEM visible than you should use wireshark/capture at the server to check it.
best regards
Silvio
Otherwise you have to "create" some (f.e. login with wrong user/password)
For remote command-log maybe the following commands are necessary.
command-log enable
swlog output socket <SIEM-IP-address> remote command-log
If there are still no messages in SIEM visible than you should use wireshark/capture at the server to check it.
best regards
Silvio
Jump to
- General topics
- ↳ Talk to the admins
- ↳ GENERAL
- ↳ Outside World
- ↳ PARTS
- ↳ Pre-Sales
- ↳ JOBS
- ↳ Remote assistance contracts
- ↳ Actis
- ↳ Equipement Pictures
- ↳ OT/OXE/OXO FEATURES REQUESTS
- ↳ Lucent Technologies
- IF YOU ARE NOT TECHNICALLY TRAINED ON THOSE PBX, PLEASE POST IN ONE OF THOSE FORUMS
- ↳ Beginner's questions about the Crystal Hardware
- ↳ Beginner's questions about the Common Hardware
- ↳ Beginner's questions about the (4400 / Enterprise) PHONE APPLICATION or OPERATING SYSTEM
- ↳ Beginner's questions about the OmniPCX OFFICE
- VOICE - Documentation
- ↳ OXE (Crystal / Common) - System Documentation
- ↳ 4760
- ↳ OXO - System Documentation
- ↳ Documentation
- VOICE - OXE (OmniPCX Enterprise)
- ↳ Shelf
- ↳ Media Gateway
- ↳ PWT/DECT System
- ↳ System
- ↳ Translator
- ↳ Classes of Services
- ↳ Attendant
- ↳ Users
- ↳ Users by profile
- ↳ Set Profile
- ↳ Groups
- ↳ Speed Dialing
- ↳ Phone Book
- ↳ Entities
- ↳ Trunk Groups
- ↳ External Services
- ↳ Inter-Node Links
- ↳ X25
- ↳ Data
- ↳ Application
- ↳ Specific Telephone Services
- ↳ ATM
- ↳ Event Routing Discriminator
- ↳ Security and Access Control
- ↳ IP
- ↳ SIP
- ↳ DHCP Configuration
- ↳ Alcatel-Lucent Series 8&9
- ↳ SIP Extension
- ↳ Encryption
- ↳ Passive Communication Server
- ↳ SNMP Configuration
- VOICE - OXE - Common topics
- ↳ MAIN
- ↳ ACTIS
- ↳ Asterisk
- ↳ Boards
- ↳ Bugs & Security issues
- ↳ Equipment Pictures
- ↳ Feature Request
- ↳ H323 / Sip
- ↳ IP / VoIP
- ↳ IP SECURITY / ENCRYPTION (Thales)
- ↳ ipTouch (40x8) issues and tricks
- ↳ Linux tricks
- ↳ MOH
- ↳ ON SITE TROUBLES
- ↳ Phones
- ↳ Sipfoundry
- ↳ Software Loading
- ↳ Swinst
- ↳ System Hacking
- ↳ Traces
- ↳ Usefull commands
- ↳ Voice Guides
- ↳ VMWARE
- ↳ Wireless configuration and sets
- VOICE - OpenTouch
- ↳ MAIN
- ↳ OTEC - OpenTouch Enterprise Cloud
- ↳ OTBE - OpenTouch Business Edition
- ↳ OTMS - OpenTouch Multimedia Services
- ↳ OTSBC - OpenTouch Session Border Controller
- ↳ OTNS - OpenTouch Notification Service
- ↳ OTMC - OpenTouch Message Center
- ↳ OTFC - OpenTouch Fax Center
- ↳ OpenTouch Conversation
- ↳ Smart Guest Applications
- VOICE - BiCS
- ↳ MAIN
- VOICE - OXO
- ↳ MAIN
- ↳ Configuration
- ↳ 42xx Systems
- ↳ Networking
- ↳ H323 / IP / Pimphony
- ↳ Internet and related
- ↳ Applications
- ↳ Hotel mode
- ↳ DECT
- ↳ Hardware
- VOICE - Omni Suite
- ↳ OmniTouch 8400 Instant Communication Suite
- ↳ OmniTouch 8410 Instant Communication Web Services
- ↳ OmniTouch 8440 Messaging Software
- ↳ OmniTouch 8450 Fax Software
- ↳ OmniTouch 8460 Advanced Communication Server
- ↳ OmniTouch 8464 Meet-me Audio Conference Bridge
- ↳ OmniTouch 8660 My Teamwork Conferencing and Collaboration
- ↳ OmniTouch 8670 Automated Message Delivery System
- ↳ OmniTouch Contact Center Standard Edition
- ↳ OmniTouch Contact Center Premium Edition
- VOICE - Applications
- ↳ AECS - Alcatel Extended Communication Server
- ↳ Alcatel OpenTouch Customer Service
- ↳ Aviso
- ↳ Call Center SoftPanel (ALU ProServices)
- ↳ CCD / CCS / CCIVR
- ↳ Free Desktop
- ↳ GENESYS
- ↳ Hotel / Hospital
- ↳ Ip Desktop Softphone
- ↳ IpTouch Phones XML Applications
- ↳ MSAD
- ↳ MyIC (My Instant Communicator)
- ↳ My Messaging / IMAP
- ↳ My Teamwork (ex-eDial)
- ↳ OmniPCX Record
- ↳ OmniVista 4760
- ↳ OmniVista 8770
- ↳ OTUC
- ↳ PREMIUM / GCE
- ↳ Rainbow
- ↳ Ubiquity
- ↳ ENS - Emergency Notification Server
- ↳ VNA - Visual Notification Assistant
- ↳ VAA - Visual Auto Attendant
- ↳ VitalSuite
- ↳ VitalQIP
- ↳ Voicemail (46x5)
- ↳ XML Presentation Server & TAPI Server
- ↳ 4980 - WebSoftPhone
- ↳ 4625 Interactive Voice Response
- VOICE - Third Party Applications
- ↳ AGITO NETWORKS
- ↳ AUDIOCODES
- ↳ ASTERISK
- ↳ AVST
- ↳ CISCO
- ↳ NGINX
- ↳ NICE
- ↳ Notification Systems
- ↳ OAK
- ↳ SOURCE TECH
- ↳ systel
- ↳ IP Touch apps
- ↳ Click2Dial
- ↳ MYIC apps
- Alcatel Unleashed tools, documentations, and misc files...
- ↳ DIALER
- ↳ VM_BACKUP
- ↳ ipview analyzer
- ↳ "Home Made" documentations
- ↳ Alcatel Misc Documentation
- ↳ infocollect
- ↳ motview
- ↳ Other Alcatel-Lucent tools
- ↳ OFFICIAL TC's
- ↳ sngrep
- Developer's corner
- ↳ AHL / OHL
- ↳ Alarming, Notification & Location
- ↳ CCTI / CCA
- ↳ CSTA
- ↳ My IC Phone
- ↳ My IP Touch Service for Enterprise
- ↳ O2G
- ↳ OmniVista 8770 User Provisioning
- ↳ SIP
- ↳ TAPI
- ↳ TSAPI
- ↳ Web Services
- Alcatel Data Equipment
- ↳ Security
- ↳ OmniAccess 3500 Nonstop Laptop Guardian
- ↳ Mobility
- ↳ OmniAccess WLAN Switching Systems
- ↳ OmniAccess WLAN 4302
- ↳ OmniAccess Wireless Access Points 41
- ↳ OmniAccess Wireless Access Points 65
- ↳ OmniAccess Wireless Access Points 60/61/70
- ↳ OmniAccess Wireless Access Points 80M
- ↳ Mobile IP Phones
- ↳ OmniAccess Devices
- ↳ OmniAccess 5780
- ↳ OmniAccess 5740
- ↳ OmniAccess 5510
- ↳ Network Management
- ↳ Omnivista
- ↳ Omnivista Mobility Manager
- DATA - Documentation
- ↳ Technical papers
- ↳ Troubleshooting guides
- DATA - Lan Switching
- ↳ OmniSwitch 10k
- ↳ OmniSwitch 9900
- ↳ OmniSwitch 9000 / 9000E
- ↳ OmniSwitch 6900
- ↳ OmniSwitch 6865
- ↳ OmniSwitch 6860 / 6860E
- ↳ OmniSwitch 6855
- ↳ OmniSwitch 6850 / 6850E
- ↳ OmniSwitch 6560
- ↳ OmniSwitch 6465
- ↳ OmniSwitch 6450
- ↳ OmniSwitch 6400
- ↳ OmniSwitch 6360
- ↳ OmniSwitch 6350
- ↳ OmniSwitch 6250
- ↳ OmniSwitch 2220
- ↳ OmniSwitch 2260 / 2360
- ↳ Legacy Devices (OS4024, XOS, OmniCore)
- ↳ OmniSwitch 6600 / 7000 / 8800
- ↳ OmniSwitch 6800
- ↳ OmniStack LS 6200
- ↳ Misc
- DATA - WLAN, Mobility and WAN
- ↳ OmniAccess WLAN Switching Systems (OEM)
- ↳ OmniAccess Wireless Access Points
- ↳ Mobile IPTouch Phones (MIPT)
- ↳ OmniAccess Stellar Express
- ↳ OmniAccess Stellar Enterprise
- ↳ OmniAccess 3500 Nonstop Laptop Guardian
- ↳ Brick VPN Firewall
- ↳ OmniAccess 5740/5780
- ↳ OmniAccess ESR 5720
- ↳ OmniAccess 5510
- DATA - Network Management
- ↳ OmniVIsta 3600 Air Manager
- ↳ OmniVista 2500 v4.x
- ↳ OmniVista 2500 v3.5
- ↳ OmniVista 2500/2700 v3.4 and older
- ↳ OmniVista Cirrus
- ↳ Alcatel Quarantine Manager
- ↳ Fortigate Security
- DATA - Service Provider
- ↳ 5520 ASAM
- ↳ 5620 SAM
- ↳ 5650 CPAM
- ↳ 5670 RAM
- ↳ 5750 SSC
- ↳ 7210 SAS
- ↳ 7360 ISAM
- ↳ 7450 ESS
- ↳ 7450 Ethernet Service Switch
- ↳ 7750 Service Router
- ↳ 7705 SAR
- ↳ 7750 SR
