Custom Syslog Port Configuration
Overview
OcNOS allows to set up a syslog server by specifying the logging server as 10.12.33.211. This command transmits syslog messages using the default port, which is 514. However, utilizing the default port for the Syslog server is viewed as a security vulnerability.
It is imperative to have the capability to define a custom port for Syslog. Therefore, a new CLI feature needs to be introduced in OcNOS to enable the configuration of a custom Syslog port.
Support for In-band management over default VRF
OcNOS supports syslog over the default and management VRFs via in-band management interface and OOB management interface, respectively.
By default, syslog runs on the management VRF.
Features
• CLI is supported for user to configure custom syslog port.
• Once configured syslog conf file is updated with the configured port value.
• At the rsyslog server side, stop the running rsyslogd daemon using the command “systemctl stop rsyslog.service”
• Update /etc/rsyslog.conf file with syslog client configured port.
• Start the rsyslog daemon –using systemctl start rsyslog.service.
• Logs will redirect to syslog server through configured port.
• After un-configuring, the port logs will be sent to syslog remote server through default port 514, to receive the logs at server side, it also needs to be set back to default.
• Delete the custom Syslog port.
Last modified date: 10/20/2023