Hello folks, I am new to syslog so I want to confirm the following:
Currently I have the below configured on MY4507:
Imagine I create an ACL "permit tcp any any eq 80 log-input" and apply to one of the inbound interfaces so that I can monitor hits to server network on port 80. Let's say I get too many hits. My understanding is that MY4507 would be protected against overflow by the command in red below, correct?
How about my syslog server? Is the 'logging size 500' also limit the information that I sent to my syslog server? Please let me know what is the best way to make sure that my syslog server will not crash in case I end up sending too many log output messages to it.
MY4507#show run | i logging
logging buffered 20000
logging event link-status global
logging event trunk-status global
logging size 500
ip sla logging traps
logging source-interface Loopback0