Can Spectrum be setup as a Syslog server?

Document ID : KB000039876
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction:

Syslog is a protocol used by most Cisco devices to manage system logs and alerts. When these are raised by the device, then the relevant Network Management System (NMS) such as Spectrum should be able to process them.

Question:

Can Spectrum be setup as a Syslog server?

 

Environment:

Spectrum 9.x and later

 

Answer:

SPECTRUM does not implement a syslog server such as those implemented as defined in RFC 3195. 

SPECTRUM can, however, process asynchronous SNMP traps where the trap payload is a syslog message conforming to the Cisco standard syslog message format.  The typical field application is to install an agent that is capable of monitoring the syslog file for specific regular expressions and forwarding those matches as SNMP traps to SPECTRUM.  The trap will be processed by a model in SPECTRUM that represents the host the agent is running on.  It will attempt to determine the real source of the trap/syslog message and if it can find it, and that model is also modeled in SPECTRUM, an alarm will be generated on the source model.

 

Additional Information:

 

Additional details about this can be found in the SouthBound Gateway documentation (although this is also supported by the SysEdge agent).