- Notes, cautions, and warnings
- Overview
- Getting Started with ECS
- Storage Pools, VDCs, and Replication Groups
- Authentication Providers
- Namespaces
- Users and Roles
- Identity and Access Management (S3)
- Buckets
- File Access
- Introduction to file access
- ECS multi-protocol access
- Working with NFS exports in the ECS Portal
- Working with user/group mappings in the ECS Portal
- ECS NFS configuration tasks
- Mount an NFS export example
- NFS access using the ECS Management REST API
- NFS WORM (Write Once, Read Many)
- S3A support
- Geo-replication status
- Maintenance
- Certificates
- ECS Settings
- ECS Outage and Recovery
- Advanced Monitoring
- Advanced Monitoring
- View Advanced Monitoring Dashboards
- View mode
- Export CSV
- Data Access Performance - Overview
- Data Access Performance - by Namespaces
- Data Access Performance - by Nodes
- Data Access Performance - by Protocols
- Disk Bandwidth - by Nodes
- Disk Bandwidth - Overview
- Node Rebalancing
- Process Health - by Nodes
- Process Health - Overview
- Process Health - Process List by Node
- Recovery Status
- SSD Read Cache
- Tech Refresh: Data Migration
- Top Buckets
- Automatic Metering Reconstruction
- Share Advanced Monitoring Dashboards
- View Advanced Monitoring Dashboards
- Flux API
- Dashboard APIs
- Advanced Monitoring
ECS 3.5.0.1 Administration Guide
Server-side filtering of Syslog messages
This topic describes how an ECS Syslog message can be further filtered with server-side configuration.
You can configure Syslog servers in the ECS Portal (or by using the ECS Management REST API) to specify the messages that are delivered to the servers. You can then use server-side filtering techniques to reduce the number of messages that are saved to the logs. Filtering is done at the facility level. A facility segments messages by type. ECS directs messages to facilities as described in the following table.
| Facility | Keyword | Defined use | ECS use |
|---|---|---|---|
| 1 | user | User-level messages | Fabric alerts |
| 3 | daemon | System daemons | OS messages |
| 4 | auth | Security and authorization messages | ssh and sudo success and failure messages |
| 16 | local0 | Local use 0 | Object alerts, object audits |
| All facilities | * |
For each facility, you can filter by severity level by using the following format:
facility-keyword.severity-keyword
Severity keywords are described in the following table.
| Severity level number | Severity level | Keyword |
|---|---|---|
| 0 | Emergency | emerg |
| 1 | Alert | alert |
| 2 | Critical | crit |
| 3 | Error | err |
| 4 | Warning | warn |
| 5 | Notice | notice |
| 6 | Informational | info |
| 7 | Debug | debug |
| All severities | All severities | * |
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\