Configuring important EMS events to forward notifications to a syslog server
To log notifications of the most severe events on a syslog server, you must configure the EMS to forward notifications for events that signal important activity.
DNS must be configured on the cluster to resolve the syslog server name.
If your environment does not already contain a syslog server for event notifications, you must first create one. If your environment already contains a syslog server for logging events from other systems, then you might want to use that one for important event notifications.
You can perform this task any time the cluster is running by entering the commands on the ONTAP CLI.
Beginning with ONTAP 9.12.1, EMS events can be sent to a designated port on a remote syslog server via the Transport Layer Security (TLS) protocol. Two new parameters are available:
- tcp-encrypted - When tcp-encrypted is specified for the syslog-transport parameter, ONTAP verifies the identity of the destination host by validating its certificate. The default value is udp-unencrypted.
- syslog-port - The default value of the syslog-port parameter depends on the setting for the syslog-transport parameter. If syslog-transport is set to tcp-encrypted, syslog-port has the default value 6514.
For details, see the event notification destination create man page.
- Create a syslog server destination for important events:
  event notification destination create -name syslog-ems -syslog syslog-server-address -syslog-transport {udp-unencrypted|tcp-unencrypted|tcp-encrypted}
  Beginning with ONTAP 9.12.1, the following values can be specified for syslog-transport:
  - udp-unencrypted - User Datagram Protocol with no security
  - tcp-unencrypted - Transmission Control Protocol with no security
  - tcp-encrypted - Transmission Control Protocol with Transport Layer Security (TLS)
  The default protocol is udp-unencrypted.
- Configure the important events to forward notifications to the syslog server:
  event notification create -filter-name important-events -destinations syslog-ems
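Because ONTAP resolves the syslog server name through DNS and, for tcp-encrypted, validates the destination's certificate and hostname, both checks can be rehearsed from an administrator's workstation before the destination is created. The following script is an added example, not part of the ONTAP documentation; the server name and CA bundle path in it are placeholders you must replace.

```python
# Added example (not from the ONTAP documentation): pre-flight check run from an
# admin workstation before creating a tcp-encrypted EMS syslog destination.
# ONTAP resolves the syslog server name via DNS and validates the server's
# certificate, so this reproduces both checks with the standard library only.
import socket
import ssl

TRANSPORTS = ("udp-unencrypted", "tcp-unencrypted", "tcp-encrypted")


def default_syslog_port(transport):
    """Default port ONTAP uses for a syslog-transport value.

    The documentation states 6514 for tcp-encrypted; for the unencrypted
    transports it gives no value, so None is returned (keep ONTAP's default).
    """
    if transport not in TRANSPORTS:
        raise ValueError("unknown syslog-transport value: %r" % transport)
    return 6514 if transport == "tcp-encrypted" else None


def preflight_tls_syslog(host, port=6514, cafile=None, timeout=5.0):
    """Return (ok, detail) for a TLS syslog endpoint.

    cafile is the CA bundle that issued the syslog server's certificate (the
    CA ONTAP must also trust). With cafile=None the system trust store is used.
    Chain validation and hostname matching are both enforced, as ONTAP does.
    """
    try:
        socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return False, "DNS resolution failed for %s: %s" % (host, exc)
    # create_default_context() sets CERT_REQUIRED and check_hostname=True.
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                issuer = dict(item[0] for item in cert["issuer"])
                return True, "%s ok; issuer=%s; expires %s" % (
                    tls.version(), issuer.get("commonName", issuer), cert["notAfter"])
    except ssl.SSLCertVerificationError as exc:
        # ONTAP would refuse to trust this destination for the same reason.
        return False, "certificate rejected: %s" % exc.verify_message
    except (OSError, ssl.SSLError) as exc:
        return False, "connection to %s:%d failed: %s" % (host, port, exc)


if __name__ == "__main__":
    # Placeholder server name and CA path; substitute your own values.
    print(preflight_tls_syslog("syslog-ems.example.net", cafile="/etc/pki/syslog-ca.pem"))
```

A False result with "certificate rejected" means the syslog server's certificate would also fail ONTAP's validation, so fix the server certificate or the trusted CA before running the destination create command.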