Configuring Default Syslog Settings Using the CLI
Follow these steps to set the default settings for all syslog servers. These settings override any global settings on the appliance.
- Alert Level
- Delivery Frequency
- Notification Format
- Syslog Facility
For more detailed information on configuring default remote system logs, see the CLI Reference Guide.
Prerequisites
- You must have Admin or Operator access to the Malware Analysis appliance CLI.
Default Alert Level
Set the alert severity for all notifications using the fenotify rsyslog default send-as <severity> command.
For example, to set all notifications at the alert severity (recommended):
hostname (config) # fenotify syslog default send-as alert
Delivery Frequency
Set the delivery frequency for all notifications using the fenotify rsyslog default delivery <frequency> command.
For example, to send a notification after each alert (recommended):
hostname (config) # fenotify syslog default delivery per-event
Notification Format
Set the format for all notifications using the fenotify rsyslog default format <format> command.
For example, to use the CEF format:
hostname (config) # fenotify syslog default format cef
Syslog Facility
Set the syslog facility value for all notifications using the fenotify rsyslog default facility <value> command.
For example, to set the syslog facility to local 4 (recommended):
hostname (config) # fenotify syslog default facility local4
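
A receiver-side check for the recommended defaults above (alert severity, CEF format, facility local4), added here as an example and not taken from the product documentation. It assumes the standard syslog PRI encoding (facility * 8 + severity) and the standard seven-field CEF header; the sample lines, host name and vendor/product strings are constructed.

```python
import re

# Standard syslog numeric codes: local0..local7 = 16..23, alert = 1.
FACILITIES = {f"local{i}": 16 + i for i in range(8)}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3, "warning": 4, "notice": 5, "info": 6, "debug": 7}
CEF_FIELDS = ("version", "vendor", "product", "device_version", "signature_id", "name", "severity")
# Constructed sample lines (not real appliance output).
SAMPLES = [
    "<161>Jan 10 12:00:00 mas01 notify: CEF:0|ExampleVendor|Example Product|1.0|MO|malware-object|4|src=192.0.2.10",
    "<134>Jan 10 12:00:05 mas01 notify: CEF:0|ExampleVendor|Prod\\|uct|1.0|MO|malware-object|4|src=192.0.2.11",
    "<161>Jan 10 12:00:09 mas01 notify: plain text notification",
]

def expected_pri(facility, severity):
    """PRI the collector should see: facility * 8 + severity."""
    return FACILITIES[facility] * 8 + SEVERITIES[severity]

def split_cef(cef):
    """Return the 7 CEF header fields (honouring \\| and \\\\), or None if truncated."""
    fields, cur, i = [], [], 0
    while i < len(cef) and len(fields) < 7:
        if cef[i] == "\\" and cef[i + 1:i + 2] in ("|", "\\"):
            cur.append(cef[i + 1])  # escaped character stays inside the field
            i += 2
        elif cef[i] == "|":
            fields.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(cef[i])
            i += 1
    if len(fields) < 7:
        return None
    fields[0] = fields[0][len("CEF:"):]
    return fields

def check_message(line, facility="local4", severity="alert"):
    """Return (problems, header) for one raw syslog line."""
    m = re.match(r"<(\d{1,3})>", line)
    if not m:
        return ["missing PRI"], None
    pri, problems = int(m.group(1)), []
    if pri != expected_pri(facility, severity):
        problems.append(f"PRI {pri}: facility {pri >> 3}, severity {pri & 7}")
    start = line.find("CEF:")
    fields = split_cef(line[start:]) if start >= 0 else None
    if fields is None:
        return problems + ["no valid CEF header"], None
    return problems, dict(zip(CEF_FIELDS, fields))
```

Running `check_message` over a capture from the collector shows whether a server is still receiving messages with a different facility, severity or format than the defaults configured here.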