Changing syslog,conf for audit-trail logsSometimes customers want to send audit-trail logs to an external server to consolidate logging in the network.
By default, all the CLI changes are logged in the /var/log/audit_trail.log file on the CPM. It is possible to see these changes by using the "show audit-trail" command.
This article describes how to change the /etc/syslog.conf file on CPM in order to send all audit-trail logs to an external server.
Procedure to process the audit_trail log into an external server
Audit logging is controlled by syslogd. Crossbeam uses a reserved facility (local6) to send audit-trail messages.