This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Remote syslog server flooded with debug messages regardless of severity level selected in log settings

robert_nattoo
New Contributor

‎05-14-2018 01:52 PM

I set up a Splunk server to index syslog messages from a SmartZone 100. I enabled syslogs in the Smartzone Web GUI and immediately started getting about 5000 messages per minute.  This continues even if I set the minimum severity level to critical.  

Example message: 
...sshd[26692]: debug1: connect_next: host localhost ([127.0.0.1]:514) in progress, fd=8
It seems like it's sending debug messages and ignoring the log severity setting in the GUI.  I have also tried setting this in the CLI but there was no difference in behavior.

Has anyone had a similar experience?  At the current rate, I will exhaust my Splunk license.  I need to be able to filter out these debug messages.   
1 REPLY 1

ravi_teja_9zbkf
New Contributor III

‎05-14-2018 10:28 PM

Hi Robert,

What version of software is running on SZ100 ?
We have come across this issues before and we do have KSP patch available to address this. Request you to log a ticket with Ruckus Support Team for the patch file.

Regards
Ravi Teja
0 Kudos
Copyright © 2024 Khoros, LLC