Dell POWEREDGE M1000E User Manual

198

Using the CLI

Syslogs

The CLI uses syslog support to send logging messages to a remote syslog

server. The user configures the switch to generate all logging messages to a

remote log server. If no remote log server exists, then the CLI maintains a

rolling log of at most the last 1000 critical system events.
The following rules and specifications apply:

• The CLI permits the user to configure a remote syslog server to which all

system logging messages are sent.

• Log messages are implementation-dependent but may contain debug

messages, security or fault events.

• If a log server is not specified by the user, the CLI maintains at most the

last 1000 critical system events. In this case, less important events are not

recorded.

Security Logs

Security logs are maintained to record all security events including the

following:

• User login.
• User logout.
• Denied login attempts.
• User attempt to exceed security access level.
• Denied attempts by external management system to access the system.

The security log record contains the following information:

• The user name, if available, or the protocol being accessed if the event is

related to a remote management system.

• The IP address from which the user is connecting or the IP address of the

remote management system.

• A description of the security event.
• A timestamp of the event

If syslog is available, the CLI sends the security log records to the syslog

server. If syslog is not available, the CLI records the last 1000 security log

records in a log separate from the system log records itemized above. Also in

2CSPC4.XModular-SWUM200.book Page 198 Thursday, March 10, 2011 11:18 AM