Configuration procedure – H3C Technologies H3C SecBlade NetStream Cards User Manual

277

Figure 84 Network diagram for outputting log information to a Linux log host

Configuration procedure

Before the configuration, make sure that there is a route between SecBlade and PC.

1.

Configure the SecBlade

# Enable information center.

<SecBlade> system-view
[SecBlade] info-center enable

# Specify the host with IP address 1.2.0.1/16 as the log host, use channel loghost to output log
information (optional, loghost by default), and use local5 as the logging facility.

[SecBlade] info-center loghost 1.2.0.1 channel loghost facility local5

# Disable the output of log, trap, and debugging information of all modules on channel loghost.

[SecBlade] info-center source default channel loghost debug state off log state off trap
state off

CAUTION:

As the default system configurations for different channels are different, you need to disable the output of
log, trap, and debugging information of all modules on the specified channel (loghost in this example)
first and then configure the output rule as needed so that unnecessary information will not be output.

# Configure the information output rule: allow log information of all modules with severity equal to or
higher than informational to be output to the log host.

[SecBlade] info-center source default channel loghost log level informational state on

2.

Configure the log host

Step 1: Log in to the log host as a root user.
Step 2: Create a subdirectory named SecBlade under directory /var/log/, and create file info.log under
the SecBlade directory to save logs of SecBlade.

# mkdir /var/log/SecBlade
# touch /var/log/SecBlade/info.log

Step 3: Edit file /etc/syslog.conf and add the following contents.

# SecBlade configuration messages
local5.info /var/log/SecBlade/info.log

Internet

PC

1.1.0.1/16

1.2.0.1/16

SecBlade

NSC

Device