Help

Isilon

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Last reply by 02-01-2023 Unsolved
Start a Discussion
2 Bronze
2 Bronze
242
‎01-31-2023 10:14 AM

Isilon custom syslog port (1/2023)

Hi,

We have a need to change Dell Isilon syslog port other than default port 514, I know this question has already been asked in 2017 Does anyone know if it’s now possible? We have multiple Isilon's that need to send syslog data to a centralized log ingestor using a unique port. 

0 Kudos
Accept as Solution
Replies (2)
2 Bronze
2 Bronze
235
‎01-31-2023 12:50 PM

We have used the following process to send syslog to splunk, Problem is it seems you have to do it after each upgrade:

#backup /etc/services#
cp /etc/services /ifs/data/Isilon_Data/Servicesbackup/services.bak

#make working copy of service#
cp /etc/services /ifs/data/Isilon_Data/Servicesbackup/services.working

#comment out and add port to services.working with VI.  Ports are in numerical order
.
#syslog 514/udp
.
.syslog XXXX/udp #syslog for splunk

#copy working to /etc on all nodes
isi_for_array cp /ifs/data/Isilon_Data/Servicesbackup/services.working /etc/services 

#restart syslog deamon#
isi_for_Array -s 'pkill -HUP sylogd'isi aud

You should now be able to run a tcpdump for the port and see the logs passing.  






 

Accept as Solution
2 Bronze
2 Bronze
In response to tchstnut
218
‎02-01-2023 12:57 PM

Thanks for sharing.

0 Kudos
Accept as Solution
Latest Solutions
Load more
See More
Top Contributor