Syslog

Syslog is a standard for computer message logging. It is supported on a variety of devices and platforms, and is used to store management, security, informational, debugging, and other types of messages about these devices.

The syslog stores important information such as records of administrator actions on the storage array and a history of alerts or issues with the array. Using syslog, system log files can be shipped from an array group to a centralized, remote server. The benefits of this include:

  • Cost savings - system log files can be archived on inexpensive media rather than on the array.
  • Ease of use - a central repository consolidates data from multiple arrays into one area, so it is not necessary to log in to every array to get the data.
  • Data analytics - it's easier to examine logs for troubleshooting, security, and health-related issues if they are on a central device.

With syslog enabled, arrays can communicate with third-party monitoring tools without custom code, because the arrays use the standard syslog protocol.

Arrays support the Red Hat Enterprise Server and Splunk implementations of syslog. UDP is used to communicate between the array group and the syslog server (SSL is not supported at this time). One syslog message is generated for each alert and audit log message. Alert severity types include INFO, WARN and ERROR.
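
The following Python example is added here and is not vendor code: it shows how a central server might handle the array's UDP syslog datagrams by decoding the standard `<PRI>` header and rejecting datagrams from addresses that are not known arrays. The mapping of INFO, WARN and ERROR to syslog severities 6, 4 and 3, the function names, the addresses and the sample messages are all assumptions.

```python
import re
import socket

# A syslog datagram starts with "<PRI>", where PRI = facility * 8 + severity.
PRI_RE = re.compile(rb"^<(\d{1,3})>")
# Assumed mapping of standard syslog severities to the alert types named above.
SEVERITY_NAMES = {3: "ERROR", 4: "WARN", 6: "INFO"}

def parse_pri(datagram):
    """Return (facility, severity, text), or None if the PRI header is malformed."""
    m = PRI_RE.match(datagram)
    if m is None or int(m.group(1)) > 191:  # 23 * 8 + 7 is the largest valid PRI
        return None
    pri = int(m.group(1))
    text = datagram[m.end():].decode("utf-8", "replace").strip()
    return pri >> 3, pri & 7, text

def handle(datagram, source_ip, allowed_sources):
    """Classify one datagram; UDP has no sender authentication, so the
    source allow-list is only a coarse filter (addresses can be spoofed)."""
    if source_ip not in allowed_sources:
        return {"status": "rejected", "reason": "unknown source", "source": source_ip}
    parsed = parse_pri(datagram)
    if parsed is None:
        return {"status": "rejected", "reason": "malformed PRI", "source": source_ip}
    facility, severity, text = parsed
    return {"status": "accepted", "source": source_ip, "facility": facility,
            "severity": SEVERITY_NAMES.get(severity, f"severity-{severity}"),
            "message": text}

def serve(bind_addr, port, allowed_sources):
    """Receive datagrams forever and print one record per message."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((bind_addr, port))
        while True:
            data, (ip, _port) = sock.recvfrom(8192)
            print(handle(data, ip, allowed_sources))

if __name__ == "__main__":
    arrays = {"192.0.2.10"}  # constructed management address (TEST-NET-1)
    samples = [  # constructed datagrams; the array's real message text is not shown here
        (b"<131>Jan 12 10:15:02 array1 constructed alert text", "192.0.2.10"),
        (b"<134>Jan 12 10:15:09 array1 constructed audit text", "192.0.2.10"),
        (b"<131>Jan 12 10:16:00 array1 constructed alert text", "198.51.100.7"),
        (b"no header at all", "192.0.2.10"),
    ]
    for data, ip in samples:
        print(handle(data, ip, arrays))
```

Because the transport is plain UDP, messages can be lost or read in transit, so the path between the array group and the syslog server is best kept on a trusted management network.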