Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Disable logging on switch port/TACACS

We are implimenting TACACS on our network.

However we do not want to see when

a user ethernet port goes up or down on the switch..

How would this be implimented?

This is the current tacacs config

aaa new-model

aaa authentication login default group tacacs+ local

aaa accounting exec default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting connection default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

aaa accounting command 15 default start-stop tacacs+

service timestamps debug date

service timestamps log date

tacacs-server host 192.168.4.23

tacacs-server directed-request

username xxx priv 15 pass xxxx

enable-password xxxx

service password-enc

line vty 0 15

privil level 15

line con 0

privil level 15

5 REPLIES

Re: Disable logging on switch port/TACACS

You'll have to change your logging level (for trap).

RTR-7206VXR(config)#logging trap ?

<0-7> Logging severity level

alerts Immediate action needed (severity=1)

critical Critical conditions (severity=2)

debugging Debugging messages (severity=7)

emergencies System is unusable (severity=0)

errors Error conditions (severity=3)

informational Informational messages (severity=6)

notifications Normal but significant conditions (severity=5)

warnings Warning conditions (severity=4)

What is your current level? I think anything below 6 does not log up/down.

Hope that helps.

New Member

Re: Disable logging on switch port/TACACS

hmnm i think I am at 6

cat1.nyc4#show log

Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes,

0 overruns, xml disabled, filtering disabled)

Console logging: level debugging, 13629 messages logged, xml disabled,

filtering disabled

Monitor logging: level debugging, 0 messages logged, xml disabled,

filtering disabled

Buffer logging: level debugging, 13629 messages logged, xml disabled,

filtering disabled

Exception Logging: size (4096 bytes)

Count and timestamp logging messages: disabled

File logging: disabled

Trap logging: level informational, 13632 message lines logged

I will try ur advice..thx

Re: Disable logging on switch port/TACACS

You could add the following interface command "no logging event link-status" on all your interfaces. This would allow you to keep your logging level and not see lines for each up/down on the switchports.

HTH,

Mark

Re: Disable logging on switch port/TACACS

Nice one Mark, I ever knew about that one.

Re: Disable logging on switch port/TACACS

Collin,

I discovered that one a while back and it is a very handy command to have especially on a port connected to an end user PC. It keeps the logs alot cleaner that way.

Thanks for the rating!

Mark

445
Views
8
Helpful
5
Replies
CreatePlease to create content