Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Is it possible to log authentication requests from an Access Point to the syslog server?

 

 

Introduction

Is it possible to log authentication requests from an Access Point to the syslog server?

 

Resolution

 

By default, Access Points (APs) send the output from system messages and debug privileged EXEC commands to a logging process. The logging process controls the distribution of logging messages to various destinations, such as the logging buffer, terminal lines, or a UNIX syslog server, depending on your configuration. The process also sends messages to the console.

 

Defining the Message Severity Level

 

You can limit messages displayed to the selected device by specifying the severity level of the message, which are described in Table.

 

Beginning in privileged EXEC mode, follow these steps to define the message severity level:

 

 

   

Command

 

Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

logging console level

Limit messages logged to the console. By default, the console receives debugging messages and numerically lower levels.

Step 3

logging monitor level

Limit messages logged to the terminal lines. By default, the terminal receives debugging messages and numerically lower levels.

Step 4

logging trap level

Limit messages logged to the syslog servers.By default, syslog servers receive informational messages and numerically lower levels. For complete syslog server configuration steps, see the "Configuring UNIX Syslog Servers" section.

Step 5

end

Return to privileged EXEC mode.

Step 6

show running-config

or

show logging

Verify your entries.

Step 7

copy running-config startup-config

(Optional) Save your entries in the configuration file.

 

 

Note

Specifying a level causes messages at that level and numerically lower levels to be displayed at the destination.

 

To disable logging to the console, use the no logging console global configuration command. To disable logging to a terminal other than the console, use the no logging monitorglobal configuration command. To disable logging to syslog servers, use the no logging trap global configuration command.

Table describes the level keywords. It also lists the corresponding UNIX syslog definitions from the most severe level to the least severe level.

 

 

Message Logging Level Keywords

 

Level Keyword

 

Level

Description

Syslog Definition

emergencies

0

System unstable

LOG_EMERG

alerts

1

Immediate action needed

LOG_ALERT

critical

2

Critical conditions

LOG_CRIT

errors

3

Error conditions

LOG_ERR

warnings

4

Warning conditions

LOG_WARNING

notifications

5

Normal but significant condition

LOG_NOTICE

informational

6

Informational messages only

LOG_INFO

debugging

7

Debugging messages

LOG_DEBUG

 

 

The software generates four other categories of messages:

Error messages about software or hardware malfunctions, displayed at levels warnings through emergencies. These types of messages mean that the functionality of the access point is affected.

Output from the debug commands, displayed at the debugging level. Debug commands are typically used only by the Technical Assistance Center (TAC).

Interface up or down transitions and system restart messages, displayed at the notifications level. This message is only for information; access point functionality is not affected.

Reload requests and low-process stack messages, displayed at the informational level. This message is only for information; access point functionality is not affected.

 

Note

Authentication request log messages are not logged on to a syslog server. This feature is not supported on Cisco Aironet access points.

 

Problem Type

Release notes / product  overview / data sheet / FAQ

 

Products

Access point

 

Reference

 

Message Logging Level Keywords

Understanding System Message Logging