Chapter 6: syslogs – Fluke Network Router User Manual

User’s Guide – version 1.6

NetWatch

32

Chapter 6: Syslogs

The Syslog protocol is an event notification protocol that allows a machine be it a
Server, Hub, Switch or Router to send event notification messages to ‘event message
collectors’ -also known as ‘Syslog servers’.

Syslogs and NetWatch

NetWatch has its own built in fully featured Syslog server. Any Syslog messages sent
to the NetWatch Server will be stored in a Syslog message event database.

Enabling Syslog Reception

To allow NetWatch to receive syslog messages, turn on the “Use Syslog Receiver”
option on the Admin | System Settings page. The NetWatch service requires a restart
after changing this setting.

Syslog Severity/Priorities and Reporting

Each syslog sent from a device has an encoded severity. These are described in the
following table.

Emergency:

System is unusable.

Alert:

Action must be taken immediately.

Critical: Critical

Conditions.

Error:

Error

Conditions.

Warning:

Warning

Conditions.

Notice:

Normal

but

significant

condition.

Informational:

Informational

messages.

Debug:

Debug-level

messages.

Each one of these severity levels is assigned to a NetWatch priority level as decided
by the administrator in the ‘Syslog Configuration Section’.

Only messages of a certain priority will be viewed and processed by the reporting
system. The ‘Syslog Configuration Section’ can also configure this.

For details of viewing and processing syslog messages refer to Chapter 5 ‘The Reporting System’.

Configuring Devices to Send Syslogs to NetWatch

For Syslogs to be viewed and processed by NetWatch devices must be configured to
send its Syslog messages to the NetWatch Server. Using the CISCO IOS for example
syslogs are sent to the NetWatch Server with the following command:

Logging Hostname or A.B.C.D (

IP address of the NetWatch Server)