Connectrix: Brocade B-Series: How to configure the remote syslog for different categories in FOS environments
Summary: Description: A user wants to capture all logs using remote syslog server for different categories: 1-ZONE, 2-SECURITY, 3-CONFIGURATION, 4-FIRMWARE, 5-FABRIC, 6-FW.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
Answer:
1. Verify the host syslog prior to configuring the audit log. This can be done by reviewing the Fabric OS.
Administrator’s Guide in the section for the Audit Log Configuration. https://docs.broadcom.com/doc/FOS-82x-AG (external link)
2. Connect to the switch to generate an audit log and log in using an account assigned to the admin role.
3. Enter the auditCfg --class command, which defines the specific event classes to be filtered.
switch:admin> auditcfg --class 2,4Audit filter is configured.
4. Enter the auditCfg --enable command, which enables audit event logging based on the classes configured in step 2.
switch:admin> auditcfg --enableAudit filter is enabled.
To disable an audit event configuration, enter the auditCfg --disable command.
5. Enter the auditCfg --show command to view the filter configuration. Confirm that the correct event classes are being audited, and that the correct filter state appears. It should be enabled or disabled.
switch:admin> auditcfg --showAudit filter is enabled.
2-SECURITY
4-FIRMWARE
6. Verify the audit event log setup. To do this, make a change affecting an enabled event class. Confirm that the remote host machine receives the audit event messages.
Affected Products
BrocadeArticle Properties
Article Number: 000218379
Article Type: How To
Last Modified: 21 Nov 2025
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.