Enabling syslog logging

For HCP to send log messages through syslog, you need to specify the IP addresses of one or more syslog servers. Each syslog server IP address that you specify must be routable from the [hcp_system] network. For this reason, if you specify an IPv6 unique local address (ULA) for a syslog server, then the [hcp_system] network must be configured with an IPv6 ULA that can be used to connect to that syslog server. When you specify multiple servers, HCP sends log messages to all of the specified servers.

You also need to select the syslog local facility to which to direct the log messages. This selection applies to all the syslog servers that you specify.

You use the Syslog page in the HCP System Management Console to set up logging through syslog. You also use this page to test the connections to the syslog servers you specify.

To display the Syslog page, in the top-level menu of the System Management Console, select Monitoring Syslog.

Roles: To view the Syslog page, you need the monitor, administrator, security, or compliance role. To configure syslog logging and test the connections to syslog servers, you need the administrator or security role.

To configure HCP to send log messages to syslog servers, on the Syslog page:

Specify syslog settings:

oSelect Enable syslog.

oTo include log messages about compliance events, select Send compliance events.

oTo include log messages about security events, select Send security events.

oIn the Send log messages at this level or higher field, select the severity level of messages to be sent to the specified syslog servers:

OFF tells HCP not to send any log messages.

NOTICE sends messages with a severity level of Notice, Warning, or Error.

WARNING sends messages with a severity level of Warning or Error.

ERROR sends only messages with a severity level of Error.

oIn the HTTP access Facility field, select the syslog local facility to which to direct log messages. The options are local0 through local7.

oTo include log messages about HTTP-based data access events, select Send log messages for HTTP-based data access requests. When you enable this option, HCP sends information to the syslog regarding data access requests that use the HTTP namespace access protocol.

oIn the MAPI access Facility field, select the syslog local facility to which to direct log messages. The options are local0 through local7.

oTo include log messages about management API request events, select Send log messages for management API requests. When you enable this option, HCP sends information to the syslog regarding request events that use the HCP management API.

Then click Update Settings.

Tip: Before you submit your changes, you can test the connections to the specified syslog servers, as described in Testing syslog connections.

Specify one or more syslog server IP addresses. For each syslog server that you want to use with HCP, specify the IPv4 or IPv6 address that you want HCP to use to connect to that server.

You specify each syslog server IP address as a separate entry in the syslog server list. To add an IP address to the syslog server list:

1.In the Syslog Server IP Addresses field, type the IP address, optionally followed by a colon and a port number. If you omit the port number, HCP uses port number 514.

Each entry in this list must be a single IP address. IP address ranges and comma-separated lists are not valid.

2.Click Add.

The specified IP address moves into the list below the field.

To remove an IP address from the syslog server list, click the delete control (  ) for that IP address. To remove all the IP addresses from the list, click Delete All.

© 2015, 2020 Hitachi Vantara LLC. All rights reserved.