NXLog Docs

Brocade switches

Brocade switches can be configured to send Syslog messages to a remote destination, UDP port 514. NXLog can be configured to collect Brocade logs.

Log sample
2017/03/22-23:05:12, [SEC-1203], 113962, FID 128, INFO, fcsw1, Login information: Login successful via TELNET/SSH/RSH. IP Addr: admin2

The best way to configure a Brocade switch is with the command line interface. In the case of multiple switches running in redundancy mode, each device must be configured separately.

More details on configuring Brocade switches can be found in the Brocade Document Library: search for a particular switch model and select Installation & Configuration Guides from the Filter list.

The steps below have been tested with Brocade 4100 series switches and OS v6. Newer software versions may have additional capabilities, such as sending logs over TLS.
  1. Configure NXLog for receiving Syslog entries via UDP (see the example below), then restart NXLog.

  2. Make sure the NXLog agent is accessible from the switch.

  3. Log in to the switch via SSH.

  4. Run the following commands. Replace LEVEL with an integer corresponding to the desired Syslog local facility (see the example). Replace IP_ADDRESS with the address of the NXLog agent.

    # syslogdfacility -l LEVEL
    # syslogdIpAdd IP_ADDRESS
    Example 1. Sending logs with local5 facility

    The following commands query the current Syslog facility and then set up Syslog logging to 192.168.6.143 with Syslog facility local5.

    fcsw1:admin> syslogdfacility
    Syslog facility: LOG_LOCAL7
    fcsw1:admin> syslogdfacility -l 5
    Syslog facility changed to LOG_LOCAL5
    fcsw1:admin> syslogdIpAdd 192.168.6.143
    Syslog IP address 192.168.6.143 added
Example 2. Receiving Brocade logs

This example shows Brocade switch logs as received and processed by NXLog.

nxlog.conf
<Extension _syslog>
    Module  xm_syslog
</Extension>

<Extension _json>
    Module  xm_json
</Extension>

<Input in_syslog_udp>
    Module  im_udp
    Host    0.0.0.0
    Port    514
    Exec    parse_syslog();
</Input>

<Output file>
    Module  om_file
    File    "/var/log/brocade.log"
    Exec    to_json();
</Output>
Output sample
{
  "MessageSourceAddress": "192.168.5.15",
  "EventReceivedTime": "2017-03-22 20:23:58",
  "SourceModuleName": "in_syslog_udp",
  "SourceModuleType": "im_udp",
  "SyslogFacilityValue": 21,
  "SyslogFacility": "LOCAL5",
  "SyslogSeverityValue": 6,
  "SyslogSeverity": "INFO",
  "SeverityValue": 2,
  "Severity": "INFO",
  "EventTime": "2017-03-22 20:23:58",
  "Hostname": "192.168.5.15",
  "SourceName": "raslogd",
  "Message": "2017/03/22-23:05:12, [SEC-1203], 113962, WWN 10:00:00:05:1e:02:8e:fc | FID 128, INFO, fcsw1, Login information: Login successful via TELNET/SSH/RSH. IP Addr: admin2"
}
Disclaimer

While we endeavor to keep the information in this topic up to date and correct, NXLog makes no representations or warranties of any kind, express or implied about the completeness, accuracy, reliability, suitability, or availability of the content represented here. We update our screenshots and instructions on a best-effort basis.

Last revision: 17 September 2018