I am playing around with enabling syslog in ACI and seeing what kinds of messages it sends out. I am not able to see it send out syslog messages however when someone changes its model via the ACI UI.
The following web page describes how to configure syslogging via the ACI UI:
https://www.packtpub.com/mapt/book/networking_and_servers/9781787129214/8/ch08lvl1sec83/configuring-syslog
While logged into the ACI UI, I did the following:
- Admin -> External Data Collectors -> Monitoring Destinations -> Syslog -> Create Syslog Monitoring Destination Group
- Fabric -> Fabric Policies -> Monitoring Policies -> default -> Callhome/SNMP/Syslog -> Syslog -> Create Syslog Source
- Fabric -> Fabric Policies -> Monitoring Policies -> Common Policy -> Callhome/SNMP/Syslog -> Syslog -> Create Syslog Source
I tried to configure my syslog monitoring to have it send all messages with a severity of INFO and above, and to include both faults and events. I then used the ACI UI to add a new Tenant (named "Steve"). The only syslog messages I received after doing that are the following:
<190> Feb 11 13:25:42 BNA-ACI-CNTRL1 %LOG_LOCAL7-6-SYSTEM_MSG [F0979][retaining][resolution-failed][cleared][uni/tn-Steve/rsTenantMonPol/fault-F0979] Failed to form relation to MO monepg-default of class monEPGPol in context
<188> Feb 11 13:25:42 BNA-ACI-CNTRL1 %LOG_LOCAL7-4-SYSTEM_MSG [F0979][raised][resolution-failed][warning][uni/tn-Steve/rsTenantMonPol/fault-F0979] Failed to form relation to MO monepg-default of class monEPGPol in context
Both of those messages (one INFO level and the other WARNING level) are complaining about the fact that it had some problem relating the new tenant to some default monitoring policy. I see no messages indicating that a new tenant was created however. The UI does show the tenant as successfully created however.
Is there something I missed in configuring syslog in ACI here, or does ACI simply never send config-change type syslog messages?
Thanks,
Steve
