SHIFT-WIKI

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools

Trace: Cisco Syslog
ciscosyslog

Table of Contents

Cisco Syslog

Summary: How to send cisco logging to a linux syslog server.
Date: Around 2017
Refactor: 20 February 2025: Checked links and formatting.

, ,

All commands assume you've already logged on to the switch with privilege level 15 access and are already in config mode (conf t).

Setup Date and Time

To make sure the logs are displaying the correct timestamp first configure the date and time correctly.

NTP Server

ntp server 10.10.10.123

Timezone

clock timezone CET +1

Summertime

clock summer-time CET recurring 1 Sunday April 2:00 last Sunday October 3:00

View Date and Time

switch04#show clock
15:15:53.642 CET Thu Sep 23 2010

Correct!

Setup Syslog on Cisco Switch

Set Timestamps for Logging

service timestamp log datetime localtime

Define Syslog Server --

no logging console
no logging monitor
logging syslog.company.local

Set Syslog Severity Level

logging trap 6

Note: 

switch04(config)#logging trap ?
  <0-7>          Logging severity level
  emergencies    System is unusable                (severity=0)
  alerts         Immediate action needed           (severity=1)
  critical       Critical conditions               (severity=2)
  errors         Error conditions                  (severity=3)
  warnings       Warning conditions                (severity=4)
  notifications  Normal but significant conditions (severity=5)
  informational  Informational messages            (severity=6)
  debugging      Debugging messages                (severity=7)

Enable Logon Syslog

logging facility auth

Enable Syslogging over Management Interface

logging source-interface Vlan1
logging on

Show Logging Configuration

switch04#show logging
Syslog logging: enabled (0 messages dropped, 0 messages rate-limited, 0 flushes, 0 overruns)
    Console logging: level debugging, 2023 messages logged
    Monitor logging: level debugging, 0 messages logged
    Buffer logging: level debugging, 2023 messages logged
    Exception Logging: size (4096 bytes)
    File logging: disabled
    Trap logging: level informational, 2043 message lines logged
        Logging to 10.10.10.14, 1 message lines logged

Check and Close

Now check the configuration, and only write the configuration to the cisco device if everything is correct. To do so: 

write
exit

Logging Of Configuration Changes

The logging of configuration changes was introduced with IOS version 12.3. Since we're running 12.1 with no option to upgrade to 12.3 no testing there. All possibilities are described here: http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html
More logging info: http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_09.html

Useful Links

ciscosyslog.txt · Last modified: 2025/04/21 17:09 by 127.0.0.1