Netonix Forums

So I had syslog setup on a few switches and didn't pay much attention to it until I had a problem with one switch and found that I had no logs - not before losing connectivity nor after regaining it.

The config looked not unlike this:



Note that "Host" is filled in (the syslog host, one would presume), and the "NMS IP" is blank. This validates and saves without error.

I then added the IP I had in the "host" field to the "NMS IP" field and logging started:



I'm totally lost on what the difference is between these two fields. "Host" would imply "the host I want to send syslog messages to", and "NMS IP" I'm guessing means "Network Management Station IP". Both make sense as a destination, but if NMS IP is required for remote syslog, then require the field. Host is required and appears to only accept an IP.

What's the difference? I thought maybe "Host" was to be the switch's hostname and would prepend to the logs, but it's not that as it doesn't accept a hostname...

NMS IP field is exactly what it says, your Network Monitoring Server IP.

This way it does not log queries from this IP in the Log and fill up your log with connection entries every time your NMS server queries the switch.

That's bizarre. Why does it not log to the syslog server defined in "Host" if "NMS IP" is blank?

Filtering and such is usually done at the syslog server.

sporkman wrote:That's bizarre. Why does it not log to the syslog server defined in "Host" if "NMS IP" is blank?

Filtering and such is usually done at the syslog server.

People complained that the switch log was FULL of NMS Server queries and also why log that query to the SYSLOG server every time your NMS Server queries the switch which if you do this every minute that is 1440 log entries if polling the switch every minute.

NMS IP can be blank and it still logs to SYS LOG server. it does for me anyway?

If you would have moused over the "NMS IP" a balloon would pop up and explain what the purpose is for the NMS IP

Many items on the UI have mouse over balloons that pop up to explain things

CLICK IMAGE TO VIEW FULL SIZE

sirhc wrote:NMS IP can be blank and it still logs to SYS LOG server. it does for me anyway?

I swear to god it wasn't. Maybe test with a reboot between toggling it empty/not-empty (I don't have one on the bench handy)?

It's the whole reason I started the thread - I was looking at the FC issue, noticed I had zero logs from any of my netonix switches, then started screwing around and added the IP of my syslog server in the "NMS IP" field. At that point, logs started showing up.

Also what are people hitting these things with that generates logs? I probe them, but it's all SNMP. Are others scraping stats out of the cli or something?