Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2198
Views
5
Helpful
6
Replies

syslog messages via snmp-

Go to solution
getwithrob
Level 3
Level 3

‎01-20-2006 10:24 AM

I'm still trying to understand this command:

snmp-server enable traps syslog

I think this will send log messages via snmp to the snmp host configured in the snmp-server host statement.

Is there a way to pick and chose which messages or message severity levels you want sent to the snmp-server host?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nhabib
Level 9
Level 9
In response to getwithrob

‎01-20-2006 06:18 PM

That is correct.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
nhabib
Level 9
Level 9

‎01-20-2006 11:22 AM

You are correct, the syslog messages will be converted into snmp traps (as defined in the CISCO-SYSLOG-MIB) and sent to the ip address listed in snmp-server host

The severity is controlled by the logging trap command.

Go to solution
getwithrob
Level 3
Level 3
In response to nhabib

‎01-20-2006 04:18 PM

Let me make sure I have this part correct. The only control of what syslog messages can be sent to the snmp-server host is by syslog severity levels?

I can't send some messages from a severity level 3 and not others? It's an all or none situation I'm guessing.....

0 Helpful

Go to solution
nhabib
Level 9
Level 9
In response to getwithrob

‎01-20-2006 06:18 PM

That is correct.

0 Helpful

Go to solution
getwithrob
Level 3
Level 3
In response to nhabib

‎01-22-2006 08:59 AM

I guess this is what the guy was talking about on how only specific syslog messages could be selected and sent....

event syslog pattern regular-expression [occurs num-occurrences] [period period-value] [priority priority-level] [severity-level]

I'm sure there are a number of requirements before this can happen and the code must be at a certain level.....

0 Helpful

Go to solution
getwithrob
Level 3
Level 3
In response to getwithrob

‎01-22-2006 02:29 PM

Embedded Event Manager -

0 Helpful

Go to solution
MarcoVienna
Level 1
Level 1

‎03-08-2006 01:56 AM

Hi!

I think what you are asking is:

When the device sends a syslog message also as SNMP trap (snmp-server host ... syslog) how can I specify what syslog message is send as trap.

the config command on the device would be:

device(config)#logging history ?

<0-7> Logging severity level

alerts Immediate action needed (severity=1)

critical Critical conditions (severity=2)

debugging Debugging messages (severity=7)

emergencies System is unusable (severity=0)

errors Error conditions (severity=3)

informational Informational messages (severity=6)

notifications Normal but significant conditions (severity=5)

warnings Warning conditions (severity=4)

So if you want to receive syslog traps only for syslog error messages then configure:

device(config)#logging history 3

I hope this is what you were looking for.

Cheers,

Marco

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents