Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Syslog Severity Levels -

I'm looking for input on what would be the best severity level to configure all devices to log messages to a syslog server at. I was thinking setting all at severity level 4 or warnings would be best but I would hate to configure them all at that level and later wish I had set them at severity level 5 or notifications.

The customer doesn't want too many messages coming into the servers which I can understand but I don't want to miss anything. If I were to set the devices at severity level 4 or warnings, what kind of messages would I miss that might be of importance?

For example, Config changes are logged at severity level 5. If I configure everything at severity level 4, I would miss these messages and the system wouldn't be able to do change auditing as thorough. The config would only get updated once/day as scheduled.

1 REPLY
Blue

Re: Syslog Severity Levels -

Surprisingly or not, some pretty critical alerts get sent as severity level 5 syslogs.

515
Views
5
Helpful
1
Replies