Forum Discussion
Chris_Phillips
Jun 15, 2007Nimbostratus
no, there's no mechanism on the client side, but i can say that if a switch can get a syslog message in UDP to one of my two pairs of LTM 6400's then from that point on i can guarantee that it will reach one of the 4 members of the syslog server pool via tcp, which can't give me that level of assurance / resilience from a single IP address.
i guess that what i could do is log the udp payload to the LTM itself and then let the underlying syslog-ng instance on the LTM's forward that log on as a seperate thing with TCP, but i don't like the idea of tinkering under the hood. everything thing like that i do is yet another thing that i have to manually redo each time i upgrade the software etc...
we use a combination of snmp and syslog here, generally favouring syslog over snmp traps, but then snmp traps are UDP too. and we can't poll for an interface bouncing over a few seconds, that's for a log message.