Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SNMP vs SYSLOG

Just wondering, I set up the the PIX to have logging trap errors. I also configured the snmp-server enable traps. I send both syslog and snmp to the same Event monitor. It appears that I am recieving the smae messsages in both syslog and snmp. If I stop the syslog and rely only on snmp will I be missing any messages that syslog would have sent or is there any difference. Does anyone have a suggestion or best practicse they follow?

3 REPLIES
Bronze

Re: SNMP vs SYSLOG

Both is probably unnecessary duplication to run both unless you are analyzing your logs with something like Private I from opensystems.com. But then you’ll need to run debugging log files.

New Member

Re: SNMP vs SYSLOG

There is no difference between syslog and snmp beside the way the message are sent to the logging device. The only thing that should direct your choice is the end device that is logging you message. If your logging/analysing/alerting product support syslog, you should use syslog instead of snmp since it take less ressources to operate.

Cisco Employee

Re: SNMP vs SYSLOG

p.mckay,

Yes. Those would be the same messages.

I'd suggest that Syslog is what the Firewall Administrator needs to look at (regularly) and that SNMP is what the Network Administrator needs to look at (regularly). If the two people are one and the same then you can run just one.

Note that in the PIX there is a big difference between Syslog and SNMP. Syslog on the PIX can be configured to run over TCP (rather than UDP). SNMP runs over UDP. Syslog over TCP is more resource intensive on the PIX and the LAN. But the messages get to the Syslog server (where they may be otherwise discarded on a traffic heavy LAN).

Liberty for All,

Brian

998
Views
0
Helpful
3
Replies