Community
Command Central
MVP Program
Monthly Mission
Blogs
Groups
Events
Media Vault
Products
Observability
Network Management
Application Management
IT Security
IT Service Management
System Management
Database Management
Content Exchange
SolarWinds Platform
Server & Application Monitor
Database Performance Analyzer
Server Configuration Monitor
Network Performance Monitor
Network Configuration Manager
SQL Sentry
Web Help Desk
Free Tools & Trials
Home
Products
Network Performance Monitor (NPM)
unable to see syslog messages on web....
alteon180e
I have orion 7.7 installed with the syslog service running. i have a few switches pointing to the syslog service.
Now i can see the syslog messages on the web because i am an admin. users cant see messages from any of these devices.
i have account limitations in for the nodes being monitored. so these users see what they are suppose to....
the devices in question have CLIP's (circuit-less ip adress) these clips are like loopback addresses (im pushing the definition a bit). Now when i poll them they respond from that ip. when they send syslog messages they are sending them out a routing interface with a different ip....ex.
"core switch 1": node details shows ip address of : 1.1.10.1
that switch will send a syslog message to the npm box on a specific subnet through rif: 192.168.x.x
now i guess since i have no account limitations i can see anything coming in. but if a user can see the devices defined with an "owner" account limitation, is it filtering out cause that ip is not listed for them to view? does the syslog service tie-in to the account limitations like the npm service does? they are both on the same db being q'd from the same web server so i assume so...but you know what they say about assumptions. if anyone knows what im talking about, i could use some insight. i know the syslog service can't correlate the messages to any of the devices its monitoring because the ip's don't match.....just wondering if this would also limit the ability to see the messages for users with account limitations....
Find more posts tagged with
Accepted answers
All comments
Network_Guru
Hey Mario,
I'm not familiar with CLIPs, however in the Cisco world we use the following command
on our routers to resolve this issue:
rtr#logging source-interface Loopback 0
Not sure if this is possible in the Alteon world...
-=Cheers=-
NG
Isaac
Hello alteon,
I have a similar situation with my Cisco core switches. The monitoring interface that is being polled is a loopback. However, any communication sent to my Orion server would normally originate from a routed interface with a different IP. Luckily for me Cisco has a little feature that lets me do this:
logging source-interface FastEthernet0/0
or
logging source-interface vlan10
As you can see this allows me to send the syslog messages from the loopback management interface and thereby my syslog messages show up bound to the right device in Orion.
If you are not using Cisco gear you may want to look at your vendor documentation to see if they have a similar command set. I am fairly certain that both Foundry and Extreme have this feature available.
Be fantastic.
alteon180e
thanks guys, so i guess the syslog service does use account limiations like npm?
i am aware of the cisco commands, we all use them for traceroutes and whatnot
The Alteon's and Nortel 8600's i am worried about can do the same thing, i was just wondering if there is a correlation on the npm/syslog side, and i guess there is.
their latest software release does it automatically (the clip is the source for all management based traffic eg snmp syslog) but i am lazy about upgrading right now.....
thanks for the quick response, its this kind of community assistance that makes solarwinds just that much better to use
SMLT RULES!!!!!!!
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Help
Best Of
