Non-management VDOMs send logs to both global and vdom-override syslog servers
|
This information is also available in the FortiOS 7.6 Administration Guide: |
FortiOS can now send logs from non-management VDOMs to both global and VDOM-override syslog servers. Previously, configuring an override syslog server under a non-management VDOM would halt the transmission of logs to the global syslog server. The new update ensures uninterrupted log transmission to the global server, enhancing the log management experience.
The config log syslogd override-setting command includes a new option:
config log syslogd override-setting
set use-management-vdom {enable | disable}
end
|
set use-management-vdom {enable | disable} |
Enable/disable use of management VDOM as source VDOM for logs sent to syslog server.
|
|
|
When |
Example
This example covers the following scenarios:
All scenarios use the following IP addresses:
-
Global syslog server: 10.6.30.22
-
Root VDOM gateway: 192.168.5.254
-
Management VDOM (vdom1) gateway: 172.16.200.254
Non-management VDOM with use-management-vdom disabled
In this example, a global syslog server is enabled. For the root VDOM, an override syslog server is enabled with use-management-vdom disabled. For the management VDOM, an override syslog server is enabled. With this configuration, logs are sent to the following locations:
-
All VDOMs, except the root and management VDOMs, send logs to the global syslog server (10.6.30.22).
-
The root VDOM sends logs to its override syslog server at 192.168.5.44.
-
The management VDOM sends logs to its override syslog server at 172.16.200.55.
To configure syslog servers:
-
Enable the global syslog server:
config log syslogd setting set status enable set server "10.6.30.22" set facility local6 end -
For the root VDOM, enable an override syslog server and disable
use-management-vdom:config log syslogd override-setting set status enable set server "192.168.5.44" set use-management-vdom disable set facility local6 end -
For the management VDOM (vdom1), enable an override syslog server:
config log syslogd override-setting set status enable set server "172.16.200.55" set facility local6 end
Non-management VDOM with use-management-vdom enabled
In this example, a global syslog server is enabled. For the root VDOM, an override syslog server and use-management-vdom are enabled. For the management VDOM, two override syslog servers are enabled. With this configuration, logs are sent to the following locations:
-
All VDOMs, except root and management VDOMs, send logs to the global syslog server (10.6.30.22).
-
The root VDOM cannot send logs to syslog servers because the servers are not reachable through the management VDOM.
To send logs to 192.168.5.44, set use-management-vdom to disable for the root VDOM. Alternately, configure the root VDOM to use an override syslog server that is reachable through the management VDOM.
-
The management VDOM sends logs to the override syslog server at 172.16.200.55.
To configure syslog servers:
-
Enable the global syslog server:
config log syslogd setting set status enable set server "10.6.30.22" set facility local6 end -
For the root VDOM, enable an override syslog server and enable
use-management-vdom:config log syslogd override-setting set status enable set server "192.168.5.44" set use-management-vdom enable set facility local6 end -
For the management VDOM, enable an override syslog server:
config log syslogd override-setting set status enable set server "172.16.200.55" set facility local6 end
Non-management VDOM with mix of use-management-vdom enabled and disabled
In this example, a global syslog server is enabled. For the root VDOM, three override syslog servers are enabled with a mix of use-management-vdom set to enabled and disabled. For the management VDOM, an override syslog server is enabled. With this configuration, logs are sent from non-management VDOMs to both global and VDOM-override syslog servers. The logs are sent to the following locations:
-
All VDOMs, except the root and management VDOMs, send logs to the global syslog server (10.6.30.22).
-
The root VDOM sends logs to the following syslog servers:
-
For syslogd, logs are sent to the root VDOM override server at 192.168.5.44 because
use-management-vdomis disabled. -
For syslogd2, logs are sent through the management VDOM to the root VDOM override server at 172.16.200.55 and to the syslog server reachable by the management VDOM because
use-management-vdomis enabled. -
For syslogd3, logs are sent through the management VDOM to the root VDOM override syslog server at 10.6.30.22 and to the syslog server reachable by the management VDOM because
use-management-vdomis enabled.
-
-
The management VDOM (vdom1) sends logs to the override syslog server at 172.16.200.55.
To configure syslog servers:
-
Enable the global syslog server:
config log syslogd setting set status enable set server "10.6.30.22" set facility local6 end -
For root, configure three override syslog servers:
-
For syslogd, enable an override syslog server and disable
use-management-vdom:config log syslogd override-setting set status enable set server "192.168.5.44" set use-management-vdom disable set facility local6 end -
For syslog2, enable an override syslog server and enable
use-management-vdom:config log syslogd2 override-setting set status enable set server "172.16.200.55" set use-management-vdom enable set facility local6 end -
For syslog3, enable an override syslog server and enable
use-management-vdom:config log syslogd3 override-setting set status enable set server "10.6.30.22" set use-management-vdom enable end
-
-
For the management VDOM, configure an override syslog server:
config log syslogd override-setting set status enable set server "172.16.200.55" set facility local6 end