Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
948
Views
13
Helpful
3
Replies

Not Logging all levels of Sylog messages from Core switch 4503

Sihanu N
Level 1
Level 1

‎04-24-2012 08:37 PM - edited ‎03-07-2019 06:19 AM

Hi Experts,

We had a core switch(4503) in our environment and recently we tried to enable syslog in the switch. But the syslog server doesnt receives all the configured level messages from the switch. Following is the only message getting in syslog server after the configuration change in switch.

%SYS-5-CONFIG_I: Configured from console by CWLMS onvty1

(No Traffic related messages like acl deny traffic, spanning tree events etc are getting to syslog server as well as log buffer of the switch)

Following are the logging configuration for the core switch

logging monitor informational

logging facility syslog

logging source-interface Vlan44

logging <syslog server ip>

show logging output

Core#sh logging

Syslog logging: enabled (0 messages dropped, 17 messages rate-limited, 0 flushes

, 0 overruns)

    Console logging: level debugging, 55 messages logged

    Monitor logging: level informational, 0 messages logged

    Buffer logging: level debugging, 72 messages logged

    Exception Logging: size (8192 bytes)

    Count and timestamp logging messages: disabled

    Trap logging: level informational, 47 message lines logged

        Logging to <syslog server ip>, 47 message lines logged

1) Is there any more configurations required for getting all traffic related messages, (i mean all possible messages - upto level 7 - debugging)?

Any advice or suggession regarding the issue is highly appreciable.

Regards,

Sihanu N

Labels:
0 Helpful
3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

‎04-24-2012 09:51 PM

Do you want to see when interfaces go down/up?  By default, this is disabled.  To enable this you need to go to the interface level and enter the command "logging enable link".

For ACL, look at your ACL statements individually.  There should be a "log" option at the end of the line.

Sihanu N
Level 1
Level 1
In response to Leo Laohoo

‎04-24-2012 10:01 PM

Hi Leo,

Many Thanks for reply,

In our environment one server in one of the vlan is configured for syslog server. Please clarify which all interfaces needs to enable the command "logging enable link"?

Regards,

Sihanu N

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Sihanu N

‎04-24-2012 11:12 PM 

Please clarify which all interfaces needs to enable the command "logging enable link"?

Let's say you have interface 2/14 is a server.  You want to see everytime this link goes down/up.  By default, when this link goes down/up you won't see it in the logs.

So if you do this:

conf t

int g 2/14

logging enable link

end

This enables it.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card