3 Apr 2014

Cisco Device Logging

There two types of Logging
  • Syslog
  • SNMP

First of all  I set the NTP/timezone and also timestamp my logs.

 #ntp server x.x.x.x

This is for Istanbul/Turkey with summer-time modification
#clock timezone utc 2
#clock summer-time EEST recurring last Sun Mar 3:00 last Sun Oct 4:00

#service timestamps debug datetime msec
#service timestamps log datetime localtime

SYSLOG 

  • Save in Buffer (on device DRAM)
  • Send to external server

Level Keyword

Level

Description

Syslog Definition

emergencies

0

System unstable

LOG_EMERG

alerts

1

Immediate action needed

LOG_ALERT

critical

2

Critical conditions

LOG_CRIT

errors

3

Error conditions

LOG_ERR

warnings

4

Warning conditions

LOG_WARNING

notifications

5

Normal but significant condition

LOG_NOTICE

informational

6

Informational messages only

LOG_INFO

debugging

7

Debugging messages

LOG_DEBUG

 

Buffer

#logging buffered 25000

External Syslog Server

Set the facility you will be sending. This only sets the LABEL of the syslog messages your device will send. It's usefull on the syslog server side, for sorting and categorizing incoming messages.

#logging facility local6
  
Set your syslog server:
#logging  x.x.x.x

SNMP

  • SNMP queries made from your Monitoring Solution to your Cisco Device
  • SNMP Traps sent by your Cisco Device 
Set your community, permissions and ACL
Here I set my community string and give ReadOnly permissions to hosts that ACL 5 permits.
This will allow your Monitoring Solution to query your device using SNMP MIBs. Your cisco device will not start sending SNMP Traps with only this command.

#snmp-server community MySNMP RO 5


To start sending SNMP Traps, define a host and enable the traps you would like to send.

#snmp-server host 10.1.60.51
#snmp-server enable traps XXXXXX

No comments:

Post a Comment