Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Syslog Server Recommendations

I manage a network containing approx:

12 routers

75 switches

2 WLC's with about 100 radios

1 ASA

And I'd like to start sending logs to a syslog server. Having never used a syslog server before I have a few questions.

1) With a network this size how much LAN/WAN traffic am I going to be generating by sending logs to a syslog server?

2) What kind of specs do I need to run the server, and do I need more than one?

3) Are there any best practices as far as trap level, etc.?

Thanks in advance!

Rob

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Syslog Server Recommendations

Rob-

The amount of syslog data depends on your logging level. Even at debug level (as long as your not actually debugging traffic) the traffic is relatively small. The packets are UDP and small so they are pretty efficient. You'll only need one server (we have almost a thoudand devices on one server). We log warning on most devices, but our firewalls all run at debug.

Hope that helps.

3 REPLIES

Re: Syslog Server Recommendations

Rob-

The amount of syslog data depends on your logging level. Even at debug level (as long as your not actually debugging traffic) the traffic is relatively small. The packets are UDP and small so they are pretty efficient. You'll only need one server (we have almost a thoudand devices on one server). We log warning on most devices, but our firewalls all run at debug.

Hope that helps.

New Member

Re: Syslog Server Recommendations

Thanks so much Collin. If I may ask, what kind of hardware would you recommend for the server (cpu/ram/drive space)?

Re: Syslog Server Recommendations

Honestly any server built in the past 3-4 years would be fine. It takes very little resources (disk space more than anything). If you run Linux take a look at rsyslog.

254
Views
0
Helpful
3
Replies
CreatePlease to create content