Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1327
Views
0
Helpful
3
Replies

local logging on pix 501 and catalyst 4503

Go to solution
rhopkins_nci
Level 1
Level 1

‎07-20-2007 07:38 AM

is there a way to enable and view logging locally on the pix 501 and catalyst 4503, since I dont have a syslog service yet? I mainly want to see success and failure of logons or logins on the console, ssh, and telnet. If you can point me to some guides or list the steps/commands, I would appreciate it. Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mohammedmahmoud
Level 11
Level 11
In response to rhopkins_nci

‎07-20-2007 09:41 AM

Hi,

Logging on Cisco devices can be in one of these 4 methods:

1.Console logging - Enabled by default ("logging console" under the global configuration) - The logging will pop-up to the terminal when you are connected via console.

2.Monitor logging - The current terminal line (to the vty (telnet) sessions when "terminal monitor" is enabled - to disable use "terminal no monitor" - Exec mode not configuration mode) - pop-up logging on your screen like in the first method but it is not enabled by default (needs the "terminal monitor").

3.Buffer logging - The router internal logging buffer (use "logging buffered" then "show logging" to display the logs saved in the logging buffer (local RAM Buffer), but the main drawbacks here is the limited size of the buffer (retains only the newest Information) and that the log is lost if the router reloads since it is in the RAM).

4.Syslog logging - The syslog server (use "logging ") the most preferred method, its only drawback is when the connectivity is lost with the syslog server.

HTH,

Mohammed Mahmoud.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
mohammedmahmoud
Level 11
Level 11

‎07-20-2007 08:21 AM

Hi,

As for the catalyst please issue "set logging buffered" if it is CatOS and "logging buffered" if IOS and use show logging to view the logging.

As for pix use "logging buffered".

HTH,

Mohammed Mahmoud.

0 Helpful

Go to solution
rhopkins_nci
Level 1
Level 1
In response to mohammedmahmoud

‎07-20-2007 09:36 AM

Just curious, are the logged entries saved in memory or to some file in the cisco devices? Or does it just pop up on the console connection? So, theres no special cmd to log login attempts? Thanks again.

0 Helpful

Go to solution
mohammedmahmoud
Level 11
Level 11
In response to rhopkins_nci

‎07-20-2007 09:41 AM

Hi,

Logging on Cisco devices can be in one of these 4 methods:

1.Console logging - Enabled by default ("logging console" under the global configuration) - The logging will pop-up to the terminal when you are connected via console.

2.Monitor logging - The current terminal line (to the vty (telnet) sessions when "terminal monitor" is enabled - to disable use "terminal no monitor" - Exec mode not configuration mode) - pop-up logging on your screen like in the first method but it is not enabled by default (needs the "terminal monitor").

3.Buffer logging - The router internal logging buffer (use "logging buffered" then "show logging" to display the logs saved in the logging buffer (local RAM Buffer), but the main drawbacks here is the limited size of the buffer (retains only the newest Information) and that the log is lost if the router reloads since it is in the RAM).

4.Syslog logging - The syslog server (use "logging ") the most preferred method, its only drawback is when the connectivity is lost with the syslog server.

HTH,

Mohammed Mahmoud.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents