The info-center loghost command configures the current device to send system logs or syslogs to a specified log host.
The undo info-center loghost command restores the default configuration of sending logs to a specified log host.
Public System:
info-center loghost ip-address [ channel { channel-number | channel-name } | facility local-number | language language-name | { vpn-instance vpn-instance-name | public-net } | source-ip source-ip-address | local-time | log-counter { disable | enable } | transport { udp | tcp ssl-policy policy-name [ verify-dns-name dns-name ] } | port port | security-log | operation-log ] *
info-center loghost ipv6 ipv6-address [ channel { channel-number | channel-name } | facility local-number | language language-name | local-time | log-counter { enable | disable } | transport { udp | tcp ssl-policy policy-name [ verify-dns-name dns-name ] } | port port | security-log | operation-log ] *
info-center loghost domain domain-name [ vpn-instance vpn-instance-name ] [ channel { channel-number | channel-name } | facility local-number | language language-name | log-counter { disable | enable } | local-time | transport { udp | tcp ssl-policy policy-name [ verify-dns-name dns-name ] } | port port | security-log | operation-log ] *
undo info-center loghost ip-address [ vpn-instance vpn-instance-name ]
undo info-center loghost ipv6 ipv6-address
undo info-center loghost domain domain-name
Virtual System:
info-center loghost ip-address [ source-ip source-ip-address | port port ] *
undo info-center loghost ip-address
| Parameter | Description | Value |
|---|---|---|
ip-address |
Specifies the IP address of a log host. |
The value is in dotted decimal notation. |
channel |
Specifies a channel through which a device sends logs to a log host. |
- |
channel-number |
Specifies the number of a channel through which a device sends logs to a log host. |
The value is an integer ranging from 0 to 9. The system has 10 channels. The default value is 2. NOTE:
The log host uses channel 2 by default. If you need to customize the channel number, you are advised to use channel 6, channel 7, or channel 8 instead of channel 9. If channel 9 is used, log files of some modules may not be recorded or some module logs may not logged to the hard disk. |
channel-name |
Specifies the name of a channel through which a device sends logs to a log host. |
The value is a string of 1 to 30 characters, spaces, "-", "/", and "\" not supported. The first character can only be a letter. The default value is loghost. |
facility local-number |
Identifies the device that generates a log. Users can plan the local value for the log information of a device. After the configuration, the log server that supports the facility field can filter logs based on this parameter after receiving the log information. The parameter cannot be set when service logs need to be sent to log hosts. |
The value ranges from local0 to local7. The default value is local7. |
language language-name |
Specifies the log language mode. NOTE:
Only the language modes that are loaded to the system are supported. To specify a language mode other than English, run the language-mode command to load the language mode in the user view first. |
Currently, the system supports only English and Chinese languages. The default language is English. |
vpn-instance vpn-instance-name |
Specifies a VPN instance name. |
The value is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. NOTE:
_public_ cannot be specified as a VPN instance name. |
public-net |
Specifies the public network as the network in which a device sends logs to a log host. When public-net and vpn-instance vpn-instance-name are not configured, two situations are available:
The parameter cannot be set when service logs need to be sent to log hosts. |
- |
source-ip source-ip-address |
Specifies the source address of packets sent to loghost. |
The value is in dotted decimal notation. |
local-time |
Specifies the time of sending logs to the log host as local time. If this parameter is not configured, the system sends logs to the log host at the UTC time. |
- |
log-counter disable |
Disables the log counting function. |
- |
log-counter enable |
Enables the log counting function. By default, the log counting function is enabled. |
- |
transport |
Indicates the information transport mode. The parameter cannot be set when service logs need to be sent to log hosts. |
- |
udp |
Indicates the UDP transport mode. |
- |
tcp |
Indicates the TCP transport mode. |
- |
ssl-policy policy-name |
Specifies a Secure Sockets Layer (SSL) policy in the TCP transport mode. This parameter is recommended to improve log transmission security. |
The value is a string of 1 to 23 case-sensitive characters, spaces not supported. |
port |
Specifies the interface number of a log host. |
The value is an integer ranging from 1 to 65535. If UDP is specified as the transport mode, the default port number is 514. If SSL is specified in TCP transport mode, the default port number is 6514. NOTICE:
If the eLog host is used to receive service logs, the port number is set to 514 because the eLog host uses port 514 to receive both non-encrypted service logs and certificate-encrypted service logs. |
verify-dns-name dns-name |
Verify DNS identifier name. This parameter is supported since V600R007C20SPC300. |
The value is a string of 1 to 255 case-sensitive characters, spaces not supported. |
security-log |
Configures a device to send security logs to a specified log host. This parameter is supported since V600R007C20SPC300. |
- |
operation-log |
Configures a device to send operation logs to a specified log host. This parameter is supported since V600R007C20SPC300. |
- |
ipv6 ipv6-address |
Specifies the IPv6 address of a log host. The FW cannot send service logs to log hosts with IPv6 addresses. |
The value is a hexadecimal number in the format of X:X:X:X:X:X:X:X. |
domain domain-name |
Specifies a Domain Name System (DNS) domain name for a log host. The FW cannot send service logs to log hosts with DNS domain names. |
The value is a string of 1 to 255 case-sensitive characters, spaces not supported. NOTE:
When double quotation marks are used around the string, spaces are allowed in the string. |
The logs information about device operation in real time. By specifying the IP address or domain name of a log host, log information can be output to the log host with the specified IP address or domain name for storage and query. To check device operating status when faults occur, you can query log information on a log host. Log information provides reference for locating faults and recording change information of the system.
The system supports a maximum of eight log hosts to implement backup among log hosts.
By default, a device does not send logs to a log host.
# Configure a device to send logs to a log host with the IP address set to 192.168.2.2.
<sysname> system-view [sysname] info-center loghost 192.168.2.2
<sysname> system-view [sysname] ssl policy ftps_der [sysname-ssl-policy-ftps_der] trusted-ca load pem-ca 1_cacert_pem_rsa.pem [sysname-ssl-policy-ftps_der] trusted-ca load pem-ca 1_rootcert_pem_rsa.pem [sysname-ssl-policy-ftps_der] quit [sysname] info-center loghost 192.168.2.2 transport tcp ssl-policy ftps_der