04-24-2012 08:37 PM - edited 03-07-2019 06:19 AM
Hi Experts,
We had a core switch(4503) in our environment and recently we tried to enable syslog in the switch. But the syslog server doesnt receives all the configured level messages from the switch. Following is the only message getting in syslog server after the configuration change in switch.
%SYS-5-CONFIG_I: Configured from console by CWLMS onvty1
(No Traffic related messages like acl deny traffic, spanning tree events etc are getting to syslog server as well as log buffer of the switch)
Following are the logging configuration for the core switch
logging monitor informational
logging facility syslog
logging source-interface Vlan44
logging <syslog server ip>
show logging output
Core#sh logging
Syslog logging: enabled (0 messages dropped, 17 messages rate-limited, 0 flushes
, 0 overruns)
Console logging: level debugging, 55 messages logged
Monitor logging: level informational, 0 messages logged
Buffer logging: level debugging, 72 messages logged
Exception Logging: size (8192 bytes)
Count and timestamp logging messages: disabled
Trap logging: level informational, 47 message lines logged
Logging to <syslog server ip>, 47 message lines logged
1) Is there any more configurations required for getting all traffic related messages, (i mean all possible messages - upto level 7 - debugging)?
Any advice or suggession regarding the issue is highly appreciable.
Regards,
Sihanu N
04-24-2012 09:51 PM
Do you want to see when interfaces go down/up? By default, this is disabled. To enable this you need to go to the interface level and enter the command "logging enable link".
For ACL, look at your ACL statements individually. There should be a "log" option at the end of the line.
04-24-2012 10:01 PM
Hi Leo,
Many Thanks for reply,
In our environment one server in one of the vlan is configured for syslog server. Please clarify which all interfaces needs to enable the command "logging enable link"?
Regards,
Sihanu N
04-24-2012 11:12 PM
Please clarify which all interfaces needs to enable the command "logging enable link"?
Let's say you have interface 2/14 is a server. You want to see everytime this link goes down/up. By default, when this link goes down/up you won't see it in the logs.
So if you do this:
conf t
int g 2/14
logging enable link
end
This enables it.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: