Need to create syslog entries for VPN sessions thru 2811

Unanswered Question

we are using local database authentication for a small # of users authorized VPNs (less than 20).  We want to log each VPN session.  I have the syslog server already functional.  I can't find a command string to geenrate log messages for start and end of VPN sessions.  We want to record username for each session start/end.  Also considered just changeing the syslog message properties, but I don't know the message ID message so I could modify its syslog level to 5 or 4 and capture the info.  (Of course, I amy also be takign the wrong approach, so please enlighten me if I'm off base).

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Wed, 01/06/2010 - 22:36

Hi,

Try this configuration in 2811 for syslog with logging level and facility level and check out the message are coming in syslog or not for VPN session.

Router# configure terminal
Router(config)#logging host
Router(config)# logging trap level
Specifies the kind of messages, by severity level, to be sent to the syslog server. The default is informational and lower. The possible values for level are as follows:
Emergency: 0
Alert: 1
Critical: 2
Error: 3
Warning: 4
Notice: 5
Informational: 6
Debug: 7


Use the debug level with caution, because it can generate a large amount of syslog traffic in a busy network.


Router(config)# logging facility facility-type


Specifies the facility level used by the syslog messages; the default is local7. Possible values are local0, local1, local2, local3, local4, local5, local6, and local7.

Router# show logging
Displays logging configuration

and check out the below link for facilty codes for syslog messages hope this helps out your query !!

http://www.monitorware.com/common/en/articles/syslog-described.php

Regards

Ganesh.H

Actions

This Discussion