01-22-2021 11:16 AM
Hello,
We are trying to get our contracts between EPGs to log the deny and permit traffic as seen within the Tenant > $tenant > Operational > Packets > L3 Permits/L3 Denys.
According to the obscure documentation it seems that one of the key things that needs to happen to send these logs to syslog is to reassign the default logging facility to "information" and enable the fabric monitoring policy. We see syslog on our syslog server, just not for the contract permits and denys. Changing the default to facility to "information" did not work and we have gone down a rabbit hole of enabling the monitoring policy in every possible place (Fabric/Fabric Access/Tenant/AP/EPG/BD) and still no luck. I don't see the messages popping up in /var/log/external/messages on the leafs either..
Any ideas?
Thanks
Solved! Go to Solution.
01-22-2021 01:56 PM
Agh....seems to be a bug with our current version of Leafs
01-22-2021 01:11 PM
Hi @maced129
If you wish to start the contract logging, you need to enable the log directive under the filter chain:
Double click on the filter entry from contract subject.
Stay safe,
Sergiu
01-22-2021 01:20 PM
Unfortunately, no luck there - all contracts applied to the EPG have log directive enabled.
01-22-2021 01:56 PM
Agh....seems to be a bug with our current version of Leafs
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide