Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
724
Views
0
Helpful
12
Replies

Logging commands

Go to solution
kradjesh13
Level 1
Level 1

‎02-19-2006 04:14 PM - edited ‎03-03-2019 01:54 AM

Hi ,

I am just wondering is there any debug command or set of commands to monitor and logg each and every activity which is performed by router to a separate log server.

Thanks

Rajesh

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
pkhatri
Level 11
Level 11
In response to kradjesh13

‎02-19-2006 07:30 PM

Hi Rajesh,

The logging commands I indicated in my first post will capture most of this information.

I suggest you set this up and let it run for a few days. Then, view the logs to get a feel for what is being logged and what else you want to see. Then you can do some further tweaking in order to make sure that you capture this additional information.

Hope that helps - pls rate the post if it does.

Paresh

View solution in original post

0 Helpful
12 Replies 12

Go to solution
pkhatri
Level 11
Level 11

‎02-19-2006 04:58 PM

Hi Rajesh,

You can config the syslog logging feature to do so:

Here's a sample config which will log all messages to the specified syslog server:

logging on

logging

logging trap 7

You can download a great free syslog server from http://www.kiwisyslog.com/

Hope that helps - pls rate the post if it does.

Paresh

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to pkhatri

‎02-19-2006 05:18 PM

The suggestion of configuring logging to an external server is an excellent response to the explicit question that was asked. But I sense that what they are really trying to accomplish is something different. As I understand the question what they really want is to record the commands that are entered on their routers. I believe that the optimum solution for this is found in aaa accounting. At a customer site we routinely configure aaa accounting to record all privilege level commands that are entered using this command:

aaa accounting commands 15 default start-stop group tacsacs+.

And if they really want to record ALL commands then it would be possible to record all commands at privilege level 1 and 15.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
kradjesh13
Level 1
Level 1
In response to Richard Burts

‎02-19-2006 05:21 PM

Thanks,

Is there any particular set of commands to logg all the incomming connections that enters into a Router box.

Rajesh

0 Helpful

Go to solution
pkhatri
Level 11
Level 11
In response to kradjesh13

‎02-19-2006 05:23 PM

Hi Rajesh,

As Rick indicated, we are not really clear on what you are trying to achieve. What exactly do you mean by an 'incoming connection' ? Is this supposed to mean:

- telnet sessions to the router ?

- BGP sessions ?

Pls do advise so that we can help you better..

Paresh

0 Helpful

Go to solution
ney25
Level 2
Level 2
In response to pkhatri

‎02-19-2006 05:23 PM

Hi Paresh,

How about CatOS, what command i should use?

i was using Kiwisyslog server for long time, but some of the switches, seems like no capture by syslog server.

please guide me how to do.

your reply will be highly appreciated.

Regards,

Jack

0 Helpful

Go to solution
pkhatri
Level 11
Level 11
In response to ney25

‎02-19-2006 05:34 PM

Hi Jack,

Which particular platform are you having problems with ?

A basic config would be:

set logging server

set logging enable

set logging level all 6

Hope that helps - pls rate the post if it does.

Paresh

0 Helpful

Go to solution
kradjesh13
Level 1
Level 1
In response to pkhatri

‎02-19-2006 05:51 PM

To be more specific, need to logg in Telnet, VPN, BGP and also to logg in the email traffic which passes through the server.

Thanks

Rajesh

0 Helpful

Go to solution
kradjesh13
Level 1
Level 1
In response to kradjesh13

‎02-19-2006 06:18 PM

Need to logg the traffic which enters the Router from the outside world like Telnet, VPN, BGP and the e-mail traffic.

Thanks in advance.

Rajesh

0 Helpful

Go to solution
pkhatri
Level 11
Level 11
In response to kradjesh13

‎02-19-2006 06:23 PM

Hi Rajesh,

While you can get some of the above information from a router, a more appropriate solution would be for you to get some sort of an application-layer device that can actually do deep-inspection of packets and report on them. The router will simply not be able to look into emails and report on who it is from and who it is destined to ...

Hope that helps - pls rate the post if it does.

Paresh

0 Helpful

Go to solution
kradjesh13
Level 1
Level 1
In response to pkhatri

‎02-19-2006 07:25 PM

Thanks Paresh

Ok, so leaving the email traffic, how to logg other incomming traffic like Telnet, VPN and BGP ones. Is there any way to do that???

If so, can u plz attach the documentations ?

Thanks in advance.

Rajesh

0 Helpful

Go to solution
pkhatri
Level 11
Level 11
In response to kradjesh13

‎02-19-2006 07:30 PM

Hi Rajesh,

The logging commands I indicated in my first post will capture most of this information.

I suggest you set this up and let it run for a few days. Then, view the logs to get a feel for what is being logged and what else you want to see. Then you can do some further tweaking in order to make sure that you capture this additional information.

Hope that helps - pls rate the post if it does.

Paresh

0 Helpful

Go to solution
kradjesh13
Level 1
Level 1
In response to pkhatri

‎02-20-2006 08:20 PM

Thanks Paresh

Will do that and come back later regarding the extra bits needed for logging.

Rajesh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents