Configuration Cisco's Syslog Logging
1) In order to ensure that logging is enabled, issue the logging on command.
Router(config)# logging on
2) In order to specify the Essentials server that is to receive the router syslog messages, issue the logging ip_address command. ip_address is the address of the server that collects the syslog messages.
Router(config)# logging 1.1.1.1
3) In order to limit the types of messages that can be logged to the Essentials server, set the appropriate logging trap level with the logging trap informational command. The informational portion of the command signifies severity level 6. This means all messages from level 0-5 (from emergencies to notifications) are logged to the Essentials server.
Router(config)
# logging trap informational
Valid logging facilities are local0 through local7.
Valid levels are:
7) emergency
6) alert
5) critical
4) error
3) warning
2) notification
1) informational
0) debug
7) emergency
6) alert
5) critical
4) error
3) warning
2) notification
1) informational
0) debug
4. In order to verify if the device sends syslog messages, check with the # sh logging command. You see all the syslog messages that are sent. If you do not see syslog messages, ensure that this is configured:
logging on / logging console / debug / logging monitor / debug logging trap debug
If you are configuring a Cisco Catalyst device for syslog logging please follow the steps below:
1. Ensure sure logging is enabled with the set logging server enable command.
Switch # set logging server enable
Switch # set logging server enable
2. Specify the Essentials server that is to receive the router syslog messages, with the logging server_ip command. server ip is the IP address of the Essentials server.
Switch # set logging server 1.1.1.1
Switch # set logging server 1.1.1.1
3. Limit the types of messages logged to the Essentials server. Enter set logging level informational, where informational signifies severity level 6. This means that all messages from level 0-5 (from emergencies to notifications) are logged to the Essentials server.
Switch # set logging server severity 6
Switch # set logging server severity 6
4. In order to see if syslog messages are sent, use the # sh logging buffer command. You see syslog messages that are sent.
Many more options are available to explore : Try some of these :
# set logging level all 7 default
# set logging server enable
# set logging server 1.1.1.1 (your unix syslog server ip address)
# set logging server facility LOCAL7
# set logging server severity 7 # syslog
# set logging console enable
# set logging server enable
# set logging server 1.1.1.1
# set logging level cdp 7 default
# set logging level mcast 7 default
# set logging level dtp 7 default
# set logging level dvlan 7 default
# set logging level earl 7 default
# set logging level fddi 7 default
# set logging level ip 7 default
# set logging level pruning 7 default
Enter: sh logging
output:
Logging buffer size: 500
timestamp option: enabled
Logging history size: 1
Logging console: enabled
Logging server: enabled {1.1.1.1}
server facility: LOCAL7
server severity: debugging(7)
Current Logging Session: enabled
output:
Logging buffer size: 500
timestamp option: enabled
Logging history size: 1
Logging console: enabled
Logging server: enabled {1.1.1.1}
server facility: LOCAL7
server severity: debugging(7)
Current Logging Session: enabled
The Cisco device is now configured for syslog logging.