Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
783
Views
8
Helpful
5
Replies

Disable logging on switch port/TACACS

nygenxny123
Level 1
Level 1

‎11-24-2008 09:02 AM - edited ‎03-06-2019 02:38 AM

We are implimenting TACACS on our network.

However we do not want to see when

a user ethernet port goes up or down on the switch..

How would this be implimented?

This is the current tacacs config

aaa new-model

aaa authentication login default group tacacs+ local

aaa accounting exec default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

aaa accounting command 15 default start-stop tacacs+

service timestamps debug date

service timestamps log date

tacacs-server host 192.168.4.23

tacacs-server directed-request

username xxx priv 15 pass xxxx

enable-password xxxx

service password-enc

line vty 0 15

privil level 15

line con 0

privil level 15

Labels:
0 Helpful
5 Replies 5

Collin Clark
VIP Alumni
VIP Alumni

‎11-24-2008 10:20 AM

You'll have to change your logging level (for trap).

RTR-7206VXR(config)#logging trap ?

<0-7> Logging severity level

alerts Immediate action needed (severity=1)

critical Critical conditions (severity=2)

debugging Debugging messages (severity=7)

emergencies System is unusable (severity=0)

errors Error conditions (severity=3)

informational Informational messages (severity=6)

notifications Normal but significant conditions (severity=5)

warnings Warning conditions (severity=4)

What is your current level? I think anything below 6 does not log up/down.

Hope that helps.

nygenxny123
Level 1
Level 1
In response to Collin Clark

‎11-24-2008 12:29 PM

hmnm i think I am at 6

cat1.nyc4#show log

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes,

0 overruns, xml disabled, filtering disabled)

Console logging: level debugging, 13629 messages logged, xml disabled,

filtering disabled

Monitor logging: level debugging, 0 messages logged, xml disabled,

filtering disabled

Buffer logging: level debugging, 13629 messages logged, xml disabled,

filtering disabled

Exception Logging: size (4096 bytes)

Count and timestamp logging messages: disabled

File logging: disabled

Trap logging: level informational, 13632 message lines logged

I will try ur advice..thx

0 Helpful

Mark Yeates
Level 7
Level 7

‎11-24-2008 10:32 AM

You could add the following interface command "no logging event link-status" on all your interfaces. This would allow you to keep your logging level and not see lines for each up/down on the switchports.

HTH,

Mark

Collin Clark
VIP Alumni
VIP Alumni
In response to Mark Yeates

‎11-24-2008 10:38 AM

Nice one Mark, I ever knew about that one.

0 Helpful

Mark Yeates
Level 7
Level 7
In response to Collin Clark

‎11-24-2008 10:54 AM

Collin,

I discovered that one a while back and it is a very handy command to have especially on a port connected to an end user PC. It keeps the logs alot cleaner that way.

Thanks for the rating!

Mark

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card