This article covers prerequisites required to configure Arista Switch Syslog and steps to configure this Arista switch in detail.
Arista's devices are multilayer switches, which support a range of layer 3 protocols,[59] including IGMP, Virtual Router Redundancy Protocol (VRRP), Routing Information Protocol (RIP), Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), IS-IS, and OpenFlow. The switches are also capable of layer 3 or layer 4 equal-cost multi-path routing (ECMP) and applying per-port L3/L4 access-control lists (ACLs) entirely in hardware.
Prerequisites
- Arista EOS 4.23.x and above should be installed.
- Administrative access on Arista EOS Switch.
- Allow 11728 port number if any firewall exists between the Forwarder and Arista switch.
Configuring syslog in Arista switch
- Log into the Arista switch.
- Go to configuration mode.
- Configure the switch as below to send logs to the Forwarder Server.
-
-
- Arista# config terminal
- Arista(config)# logging host < Eventlog_Server_Ip > < port_number > protocol [tcp/udp] where <Eventlog_Server_Ip> is Forwarder_IP < port_number> is 11728
- Arista(config)# logging trap information
- Arista(config)# copy running-config startup-config
-
-
To configure command execution logging:
-
-
- Arista (config)# aaa accounting commands all console start-stop logging
- Arista (config)# aaa accounting commands all default start-stop logging
- Arista (config)# aaa accounting exec console start-stop logging
- Arista (config)# aaa accounting exec default start-stop logging
- Arista (config)# copy running-config startup-config
-
To Configure logon logging:
-
-
- Arista (config)# aaa authentication policy on-success log
- Arista (config)# aaa authentication policy on-failure log
- Arista (config)# copy running-config startup-config
-
4. Once the configuration is completed, need to validate the logs in chronicle using a regular expression as (".*") this expression or with specific hostname, will provide the log source types which are ingesting to chronicle, below is the screen shot for reference.
Comments
0 comments
Please sign in to leave a comment.