Syslog in ACI Common vs Default

udo.konstantin
Level 1

Hello, 

 

I'm currently configuring Syslog in ACI. I noticed there are two places to define the syslog sources.

  • Fabric - Fabric Policies - Policies - Monitoring - Common Policy - Callhome/Smart Callhome/SNMP/Syslog/TACACS
  • Fabric - Fabric Policies - Policies - Monitoring - default - Callhome/Smart Callhome/SNMP/Syslog/TACACS

From the Cisco documentation, the Common Policy is the one which is taken if no other more specific policy is assigned.

But it's not clear why the second one, "default", must be configured.

 

Any comments? 

 

Thanks 

Udi 

Accepted Solutions

Andrea Testino
Cisco Employee

Hi Udi,

 

Did you see somewhere in the ACI documentation that the "default" one must be configured as well, or just noticed that it gets heavily referenced alongside the common one?

 

As I understand it, you can have a default policy configured for certain objects and for only certain sources. By doing this, said sources would not be configured for objects in a different hierarchy. On the other hand, configuring common would cover all the objects excluded in a more specific policy. For example, if you were starting in a Greenfield configuration, and you are going to use common source to monitor all objects, then you should only need to configure the "Common Fabric Policy" (this is the scenario wherein you should not need the default one at all).

 

I'm sure you've run into this before but there's a good ACI syslog technote @ https://community.cisco.com/t5/data-center-documents/technote-syslog-in-the-aci-fabric/ta-p/3163966 

 

 

- Andrea, CCIE #56739 R&S
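To check which of the two policies from the question actually carries syslog sources, the sketch below groups `syslogSrc` objects by their parent monitoring policy. It is an added example, not part of the original posts or Cisco's code. The class name, the DNs `uni/fabric/moncommon` and `uni/fabric/monfab-default`, the `incl`/`minSev` attributes and the query path are assumptions about the APIC object model, and the response is a constructed sample.

```python
import json
from collections import defaultdict

# The two policies from the question, by the DNs APIC is assumed to use for them.
POLICIES = {
    "uni/fabric/moncommon": "Common Policy",
    "uni/fabric/monfab-default": "default",
}

# Constructed sample shaped like a syslogSrc class query response
# (assumed path: GET /api/node/class/syslogSrc.json); all values are made up.
SAMPLE = json.dumps({"totalCount": "2", "imdata": [
    {"syslogSrc": {"attributes": {
        "dn": "uni/fabric/moncommon/slsrc-to-siem", "name": "to-siem",
        "incl": "audit,events,faults", "minSev": "information"}}},
    {"syslogSrc": {"attributes": {
        "dn": "uni/infra/moninfra-default/slsrc-access", "name": "access",
        "incl": "faults", "minSev": "warnings"}}},
]})


def sources_by_policy(raw):
    """Group syslog sources by the monitoring policy DN that contains them."""
    grouped = defaultdict(list)
    for item in json.loads(raw).get("imdata", []):
        attrs = item.get("syslogSrc", {}).get("attributes")
        if not attrs or "/slsrc-" not in attrs.get("dn", ""):
            continue  # skip error entries and unexpected objects
        policy_dn = attrs["dn"].rsplit("/slsrc-", 1)[0]
        incl = {t for t in attrs.get("incl", "").split(",") if t and t != "none"}
        grouped[policy_dn].append({"name": attrs.get("name", ""), "incl": incl,
                                   "minSev": attrs.get("minSev", "")})
    return dict(grouped)


def report(raw):
    """Return {policy label: sorted message types} for the two fabric policies."""
    grouped = sources_by_policy(raw)
    out = {}
    for dn, label in POLICIES.items():
        types = set().union(*(s["incl"] for s in grouped.get(dn, [])))
        out[label] = sorted(types)
    return out


if __name__ == "__main__":
    for label, types in report(SAMPLE).items():
        print(f"{label}: {', '.join(types) or 'no syslog source configured'}")
```

An empty list for a policy means no syslog source is defined under it, which is the expected state for "default" in the Common-only setup described above.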
