CCNA 7.1.c: Syslog


Syslog is a way for network devices to send event messages to a logging server, usually known as a Syslog server.


Study Notes:

  • Syslog - System Message Logging
  • Syslog uses port 514
  • Controls the distribution of logging messages to various destinations based on the configuraiton
    • Logging buffer
    • Terminal lines
    • Syslog server
  • When disabled, logging messages are sent only to the console
  • Messages are sent as they are generated by the system
  • Severity level of syslog messages can be sent to increase or reduce the amount and granularity of logging messages
    • 0 - emergencies
    • 1 - alerts
    • 2 - critical
    • 3 - errors
    • 4 - warnings
    • 5 - notifications
    • 6 - informational
    • 7 - debugging
  • Able to timestamp messages for real-time debugging (check system clock)
  • Syslog messages can be accessed via CLI and/or saved to a syslog server
  • Syslog messages are displayed in this format

Seq_no:timestamp: %facility-severity-MNEMONIC:description

  • For example

00:00:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down 2

  • Configuration
Router(config)#service timestamps log datetime [msec] [localtime] [show-timezone]
Router(config)#logging buffered <4096 to 2147483647>
Router(config)#logging <IP_address of syslog server>
Router(config)#logging console <level>
Router(config)#logging monitor <level>
Router(config)#logging trap <level>
Router#terminal monitor
Router#clock set hh:mm:ss <1-31> MON <1993-2035>



PacketTracer Lab: CCNA-7.1.c-Configure-and-verify-Syslog.pkt

Subscribe Now for access to the labs!



Leave a Reply
Built by TrailSix