Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Port security configuration changes in Syslog

Hi

We have SYS logging level set to 6, on our 65xx switches, as per Cisco BKM doc (cant see the real beinfit of level 6 vs 5 - if anyone knows please let me know). Because the logging level is set so high we get all config changes logged also. However we seem to be getting hammered with partcular logs below. We have port security enabled on all the line cards but we get these flood of messages when there are no changes to the switch configuration - note same time. If anyone can shed some light on a possible cause for getting these messages (and why SYS should be set to 6) it would be much appreciated.

Thanks

Pat

2006 May 04 11:29:40 BST +01:00 %SYS-6-CFG_CHG:Module 11 block changed by SecurityRx//

2006 May 04 11:29:45 BST +01:00 %SYS-6-CFG_CHG:Module 5 block changed by SecurityRx//

2006 May 04 11:29:47 BST +01:00 %SYS-6-CFG_CHG:Module 10 block changed by SecurityRx//

2006 May 04 11:29:48 BST +01:00 %SYS-6-CFG_CHG:Module 12 block changed by SecurityRx//

2006 May 04 11:29:51 BST +01:00 %SYS-6-CFG_CHG:Module 10 block changed by SecurityRx//

2006 May 04 11:29:53 BST +01:00 %SYS-6-CFG_CHG:Module 5 block changed by SecurityRx//

2006 May 04 11:29:54 BST +01:00 %SYS-6-CFG_CHG:Module 6 block changed by SecurityRx//

2006 May 04 11:29:56 BST +01:00 %SYS-6-CFG_CHG:Module 5 block changed by SecurityRx//

2006 May 04 11:29:56 BST +01:00 %SYS-6-CFG_CHG:Module 4 block changed by SecurityRx//

2006 May 04 11:29:57 BST +01:00 %SYS-6-CFG_CHG:Module 5 block changed by SecurityRx//

2006 May 04 11:29:58 BST +01:00 %SYS-6-CFG_CHG:Module 6 block changed by SecurityRx//

  • Other Network Infrastructure Subjects
2 REPLIES

Re: Port security configuration changes in Syslog

Hi Pat,

Logging level 6 baiscally a informational level messages and 5 is notification messages which can be due to Normal bug significant condition .

Have a look at tthis link

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_7_1/conf_gd/logging.htm#1019846

Also have a look at this link for all kinds of level sys-6 messages.

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_7_3/msg_gd/emsg.htm#wp1016897

HTH, if yes please rate the post.

Ankur

New Member

Re: Port security configuration changes in Syslog

Thanks Ankur.

I am aware of the what you get out of the logging levels. I am particularly interested though in why these particular securityRX messages come in so often when there is no actual configuration change.

I am thinking of going to SYS-5 as I do not believe SYS-6 gives any good information (especially if you track changes via TACAC's). I would like to know though why Cisco recommend increasing the logging level to 6 for SYS in their Best Practices.

http://cisco.com/en/US/products/hw/switches/ps663/products_tech_note09186a0080094713.shtml#sl

Thanks

Pat

233
Views
3
Helpful
2
Replies
This widget could not be displayed.