Create Syslog for select events
Syslog
stands for System Logging Protocol and is a standard protocol used to send system log or event messages to a specific server, called a syslog server. It is primarily used to collect various device logs from several different machines in a central location for monitoring and review. It allows the separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Each message is labeled with a facility code, indicating the software type generating the message, and assigned a severity level.Starting from version 6.21.00,
FactoryTalk Linx
could generate SysLog for select events including CIP Security configuration changes, network configuration changes, and system powerup. Then the Syslog messages can be displayed in the Syslog server.Prerequisite
- Ensure the devices that apply syslog are added in the same zone inFactoryTalk Policy Manager.
To enable and configure the Syslog server
- In theStartmenu, selectRockwell Software>.FactoryTalk Policy Manager
- InGlobal Settings, selectEnable security eventing using Syslog server.
- InSever Settings,
- Select IP Address or Hostname.
- Enter the Port number and Protocol.
- InFilter Settings, specifyEvent types that will generate messagesandLowest level of severity to log.
- InMessage Settings, specify theSequence ID,Time quality, andTime resolutions.
- ClickDeploy.
FactoryTalk Linx
could generate SysLog for CIP Security configuration changes, network configuration changes, and system powerup. The table below lists the detailed events that FactoryTalk Linx
supported.Category | Events |
|---|---|
CIP Security configuration changes |
|
Network configuration changes |
|
System powerup | Restart the FactoryTalk Linx service. |
Provide Feedback