Overview:
Syslog is a way for network devices to send event messages to a logging server, usually known as a Syslog server.
Study Notes:
- Syslog - System Message Logging
- Syslog uses port 514
- Controls the distribution of logging messages to various destinations based on the configuraiton
- Logging buffer
- Terminal lines
- Syslog server
- When disabled, logging messages are sent only to the console
- Messages are sent as they are generated by the system
- Severity level of syslog messages can be sent to increase or reduce the amount and granularity of logging messages
- 0 - emergencies
- 1 - alerts
- 2 - critical
- 3 - errors
- 4 - warnings
- 5 - notifications
- 6 - informational
- 7 - debugging
- Able to timestamp messages for real-time debugging (check system clock)
- Syslog messages can be accessed via CLI and/or saved to a syslog server
- Syslog messages are displayed in this format
Seq_no:timestamp: %facility-severity-MNEMONIC:description
- For example
00:00:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down 2
- Configuration
Router(config)#service timestamps log datetime [msec] [localtime] [show-timezone] Router(config)#logging buffered <4096 to 2147483647> Router(config)#logging <IP_address of syslog server> Router(config)#logging console <level> Router(config)#logging monitor <level> Router(config)#logging trap <level> Router(config)#end Router#terminal monitor Router#clock set hh:mm:ss <1-31> MON <1993-2035>
PacketTracer Lab: CCNA-7.1.c-Configure-and-verify-Syslog.pkt
Subscribe Now for access to the labs!