How to direct syslog messages to an external syslog server?
SummaryThis article explains how to point ZD to send syslog messages to an external syslog server.
QuestionHow to direct syslog messages to an external syslog server?
Customer EnvironmentZD managed wireless network
Root CauseCentralized location for collecting syslog messages from various network devices including the ZoneDirector and managed APs.
ResolutionZoneDirector by default saves syslog messages internally. But it has limited memory space and it doesn't hold the old messages if the ZoneDirector is rebooted. In addition, ZD managed APs have same limitations and they don't direct their syslog messages to the ZD.
As an alternative, an external syslog server can be used to direct messages from ZD as well as from managed APs. It will collect syslog messages and won't be limited by storage space and system reboots.
To specify an external syslog server in the ZD, go to the "Log Settings" section on the Configure --> System page. Enable reporting to a remote syslog server and specify its IP address. From this point on this syslog server will show the messages.
Couple of important points:
1. It is important to set the event log level to "Show more" so the messages won't be limited to only warning and critical events.
2. If you are interested only in the ZD side events keep the "Inherit remote syslog server for APs" unchecked. Otherwise leave it checked.
3. Choose the appropriate time zone under the "System Time" to have syslog messages time stamped correctly.