Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Logging commands

Hi ,

I am just wondering is there any debug command or set of commands to monitor and logg each and every activity which is performed by router to a separate log server.

Thanks

Rajesh

1 ACCEPTED SOLUTION

Accepted Solutions
Purple

Re: Logging commands

Hi Rajesh,

The logging commands I indicated in my first post will capture most of this information.

I suggest you set this up and let it run for a few days. Then, view the logs to get a feel for what is being logged and what else you want to see. Then you can do some further tweaking in order to make sure that you capture this additional information.

Hope that helps - pls rate the post if it does.

Paresh

12 REPLIES
Purple

Re: Logging commands

Hi Rajesh,

You can config the syslog logging feature to do so:

Here's a sample config which will log all messages to the specified syslog server:

logging on

logging

logging trap 7

You can download a great free syslog server from http://www.kiwisyslog.com/

Hope that helps - pls rate the post if it does.

Paresh

Hall of Fame Super Gold

Re: Logging commands

The suggestion of configuring logging to an external server is an excellent response to the explicit question that was asked. But I sense that what they are really trying to accomplish is something different. As I understand the question what they really want is to record the commands that are entered on their routers. I believe that the optimum solution for this is found in aaa accounting. At a customer site we routinely configure aaa accounting to record all privilege level commands that are entered using this command:

aaa accounting commands 15 default start-stop group tacsacs+.

And if they really want to record ALL commands then it would be possible to record all commands at privilege level 1 and 15.

HTH

Rick

New Member

Re: Logging commands

Thanks,

Is there any particular set of commands to logg all the incomming connections that enters into a Router box.

Rajesh

Purple

Re: Logging commands

Hi Rajesh,

As Rick indicated, we are not really clear on what you are trying to achieve. What exactly do you mean by an 'incoming connection' ? Is this supposed to mean:

- telnet sessions to the router ?

- BGP sessions ?

Pls do advise so that we can help you better..

Paresh

New Member

Re: Logging commands

Hi Paresh,

How about CatOS, what command i should use?

i was using Kiwisyslog server for long time, but some of the switches, seems like no capture by syslog server.

please guide me how to do.

your reply will be highly appreciated.

Regards,

Jack

Purple

Re: Logging commands

Hi Jack,

Which particular platform are you having problems with ?

A basic config would be:

set logging server

set logging enable

set logging level all 6

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: Logging commands

To be more specific, need to logg in Telnet, VPN, BGP and also to logg in the email traffic which passes through the server.

Thanks

Rajesh

New Member

Re: Logging commands

Need to logg the traffic which enters the Router from the outside world like Telnet, VPN, BGP and the e-mail traffic.

Thanks in advance.

Rajesh

Purple

Re: Logging commands

Hi Rajesh,

While you can get some of the above information from a router, a more appropriate solution would be for you to get some sort of an application-layer device that can actually do deep-inspection of packets and report on them. The router will simply not be able to look into emails and report on who it is from and who it is destined to ...

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: Logging commands

Thanks Paresh

Ok, so leaving the email traffic, how to logg other incomming traffic like Telnet, VPN and BGP ones. Is there any way to do that???

If so, can u plz attach the documentations ?

Thanks in advance.

Rajesh

Purple

Re: Logging commands

Hi Rajesh,

The logging commands I indicated in my first post will capture most of this information.

I suggest you set this up and let it run for a few days. Then, view the logs to get a feel for what is being logged and what else you want to see. Then you can do some further tweaking in order to make sure that you capture this additional information.

Hope that helps - pls rate the post if it does.

Paresh

New Member

Re: Logging commands

Thanks Paresh

Will do that and come back later regarding the extra bits needed for logging.

Rajesh

153
Views
0
Helpful
12
Replies
CreatePlease to create content