TABLE OF CONTENT
Table of Contents |
---|
OVERVIEW
Extreme Wireless controller is an device from where we take logs.
For that we need 514 port to be allowed from customers firewall.
STEPS OF CONFIGURATION
STEP 1: Login to the extreme wireless controller
STEP 2: From the top menu click on CONTROLLER
...
STEP 3: From the left panel click LOGS
...
STEP 4: In the Syslog section, to enable the Syslog function for up to three syslog servers, select the check boxes as shown below. Your setup may be slightly different.
...
STEP 5: For each enabled Syslog server, in the IP box, type a CCE server’s IP address. This is the server that will receive the logs.
In the Port# box, the default port for syslog(514) is displayed. CCE also uses the same port, so keep it as default.
STEP 6: To include all system messages, select the Include all services messages check box. If the box is not selected, only component messages ( logs and traces) are relayed. This setting applies to all the three servers. The additional service message is: DHCP messages reporting users receiving IP addresses.
...
STEP 7: To include audit messages, select the Include audit messages check box.
...
STEP 8: To include station session event messages, select the Include station event messages checkbox
...
STEP 9: In the Application Logs drop-down list, click the log level (local0 - local6) to be sent to the syslog server. this setting apples to all three servers.
STEP 10: If the include all service messages check box is selected, the Service Logs drop-down list become available. Select the log level (local 0 - local 6)to be sent to the syslog server. This setting applies to all three servers.
STEP 11: If you select the Include Audit Messages checkbox, the Audit Logs drop-down list become available. Select the log level (local 0 - local 6) to be sent to the syslog server. This setting applies to all the three serves.
STEP 12: If you select the Include station event messages check box, the Station Logs drop-down list becomes available. Select the log level (local0 - local6) tp be sent to the syslog server. This setting applies to all the three servers.
STEP 13: To apply your changes, click Apply.
...
VERIFICATION OF CONFIGURATION
Verification can be done either from CCE Server or from UI.
Using UI
STEP 1: Login to UI >> SYSTEM
...
STEP 2: >> LOGS AND FLOWS COLLECTION STATUS .
...
STEP 3: >>Inside SOURCE DEVICE IP, IP will reflect.
...
Using CCE SERVER
“sudo tcpdump -i any host 514 and host <IP address> -AAA” command should be ran on CCE server to check wheather or not we are getting logs .
...