Forum Discussion
Hello Lee,
I'm using partitioning on the VCMP. I'm having 2 partitions routed by 2 differents route-domain.
With the following configuration, I'm able to send the syslog messages to 2 different syslog servers My problem is that each of the 2 syslog server are receiving the syslog message as well the messages related to partitionA pool/nodes/vs as well as the one from the partitionB pool/nodes/vs....
The goal would be that partition A syslog only receives the logs from his local traffic (LTM) pool/nodes/vs and not the one of another partition.
As this setup is to use for multi-tenant using partitions and route-domains to isolate traffic, tenant A should not have the "rights" to see log messages related to TenantB LTM object.
The syslog configuration I did is the following ( hope you are seeing the screenshots):
Log Filters :
Log destinations :
Log Publishers :
Many thanks in advance. Regards Frédéric
I've had a look at some other configurations and I'm not convinced that having a publisher or destination in a partition means it will only process logs for that partition.
I believe it's more a case that the log destination is located in a particular partition. To quote the help section of Log Publisher in the GUI:
Partition / Path: Specifies the partition or path to which the log publisher belongs.
Log entries in /var/log/ltm are essentially partition agnostic, although they do list the partition as part of the entry (so could be filtered at destination). Essentially you're sending a copy of these logs to each of your syslog servers.
Someone on here may be able to offer an alternate view but I'm not sure you can distinguish partition logs this way. That's not to say it can't be done.
Are you able to filter log messages on the syslog server itself rather than at source?
Having each tenant have their own vCMP guest would achieve what you need but you obviously have resource and licence constraints to attend with.
Sorry if I couldn't be more helpful