Syslog severity not filtered

Question

I just configured our LTM (running 9.4.6) to send syslogs to a remote server. At this point, I don't need very granular settings, so I just used bigpipe syslog remote server . I noticed that I'm getting a lot of syslogs at the information severity level. Most of them referencing "logger" or "crond". Based on the default severity settings, I wouldn't think I would be sending information level logs. Is there something else at play here?
&nbsp; 
&nbsp;[root@device:Active] config  b syslog list all
&nbsp;syslog {
&nbsp;   partition Common
&nbsp;   authpriv from notice
&nbsp;   authpriv to emerg
&nbsp;   cron from warning
&nbsp;   cron to emerg
&nbsp;   daemon from notice
&nbsp;   daemon to emerg
&nbsp;   include none
&nbsp;   kern from notice
&nbsp;   kern to emerg
&nbsp;   local ip none
&nbsp;   mail from notice
&nbsp;   mail to emerg
&nbsp;   messages from notice
&nbsp;   messages to warning
&nbsp;   remote port 514
&nbsp;   remote server 1.2.3.4
&nbsp;   userlog from notice
&nbsp;   userlog to emerg
&nbsp;}&nbsp;

george_watkins_ · Answer

Hi,  
&nbsp;  
&nbsp; If you'd like to filter the log levels more granularly, there is an article for custom syslog configurations here on DevCentral: http://devcentral.f5.com/Default.aspx?tabid=63&amp;articleType=ArticleView&amp;articleId=155 
&nbsp;  
&nbsp; It is slightly dated, but should work fine for 9.4.6. Hope this helps, 
&nbsp;  
&nbsp; -George

Forum Discussion

Syslog severity not filtered

1 Reply

Recent Discussions

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Related Content

Copy over self IPs from several partitions

Tcp syslog

Protect an application spread across several locations with F5 XC WAAP and Multi-Cloud Networking

LTM 9.4.2+: Custom Syslog Configuration

BIG-IP to Process TLS Syslog Traffic