How to configure the switch to backup events on a SYSLOG server

Zyxel_Arisa

The example shows administrators how to set up the switch to send system log events to a remote syslog server.

Note:

All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested using XGS4600-32 (Firmware Version: V4.50).

1.Configure the Switch-1

1-1. Enter the web GUI and go to Menu > Management > Syslog Setup > Syslog Server Setup. Activate the syslog server setup and set up the server IP address. In this example, it is 192.168.1.200. Choose the Log Level you prefer (Level 0-7 in this example). The wider the range, the more detailed log will be recorded. Remember to click “Add”.

Note:

Log Level refers to which events should be sent to the Syslog Server.

Severity: Emergency (0), Alert (1), Critical (2), Error (3), Warning (4), Notice (5), Informational (6), and Debug (7).

1-2. In the same page, activate the Syslog and activate the logging type you prefer. Also, remember to click “Apply”.

1-3. Click Save to save the configuration.

2.Test the Result

2-1. Unplug and re-plug PC-1 from the switch.

2-2. The Syslog Server should receive an event log from the switch.

2-3. We can also check the directory (“C:\app\Tftpd64” in this example) to find out if a text file is created on the Syslog Server.

3.What could go wrong?

3-1. If Switch-1 and Syslog Server are in different subnets, remember to set default gateway so that Switch-1 and the Syslog Server can communicate with each other.

3-2. Confirm the service port number of the Switch-1 and the Syslog Server are the same. (Default service port for the Syslog Server in the Switch-1 is 514).