SHIFT

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools


Sidebar

Recently Changed Pages:

View All Pages


View All Tags


LinkedIn




WIKI Disclaimer: As with most other things on the Internet, the content on this wiki is not supported. It was contributed by me and is published “as is”. It has worked for me, and might work for you.
Also note that any view or statement expressed anywhere on this site are strictly mine and not the opinions or views of my employer.


Pages with comments

View All Comments

ciscosyslog

Cisco Syslog

This is a page with information about how to send cisco logging to a linux syslog server.
All commands assume you've already logged on to the switch with privilege level 15 access and are already in config mode (conf t).

Setup Date and Time

To make sure the logs are displaying the correct timestamp first configure the date and time correctly.

NTP Server

ntp server 10.10.10.123

Timezone

clock timezone CET +1

Summertime

clock summer-time CET recurring 1 Sunday April 2:00 last Sunday October 3:00

View Date and Time

switch04#show clock
15:15:53.642 CET Thu Sep 23 2010

Correct!

Setup Syslog on Cisco Switch

Set Timestamps for Logging

service timestamp log datetime localtime

Define Syslog Server --

no logging console
no logging monitor
logging syslog.company.local

Set Syslog Severity Level

logging trap 6

Note:

switch04(config)#logging trap ?
  <0-7>          Logging severity level
  emergencies    System is unusable                (severity=0)
  alerts         Immediate action needed           (severity=1)
  critical       Critical conditions               (severity=2)
  errors         Error conditions                  (severity=3)
  warnings       Warning conditions                (severity=4)
  notifications  Normal but significant conditions (severity=5)
  informational  Informational messages            (severity=6)
  debugging      Debugging messages                (severity=7)

Enable Logon Syslog

logging facility auth

Enable Syslogging over Management Interface

logging source-interface Vlan1
logging on

Show Logging Configuration

switch04#show logging
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)
    Console logging: level debugging, 2023 messages logged
    Monitor logging: level debugging, 0 messages logged
    Buffer logging: level debugging, 2023 messages logged
    Exception Logging: size (4096 bytes)
    File logging: disabled
    Trap logging: level informational, 2043 message lines logged
        Logging to 10.10.10.14, 1 message lines logged

Check and Close

Now check the configuration, and only write the configuration to the cisco device if everything is correct. To do so:

write
exit

Logging Of Configuration Changes

The logging of configuration changes was introduced with IOS version 12.3. Since we're running 12.1 with no option to upgrade to 12.3 no testing there. All possibilities are described here: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html
More logging info: http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_09.html

Sources

You could leave a comment if you were logged in.
ciscosyslog.txt · Last modified: 2021/09/24 00:24 (external edit)