Monday, December 1, 2008

[guide] Syslog-ng guide and how to test it out

After you have installed syslog-ng successfully, you can test it by configuring a router or switch as a syslog client.

Here is how to configure a Cisco router for syslog.

Syslog Configuration and Cisco Devices
Syslog reserves facilities "local0" through "local7" for log messages received from remote servers and network devices. Routers, switches, firewalls and load balancers each logging with a different facility can each have their own log files for easy troubleshooting. The following examples will show how to have a different log file for each class of device.
If you have a large data center, then you may also want to switch off all logging to /var/log/messages as suggested above for the home/SOHO environment. In all the network device configuration examples below we are logging to the remote Linux logging server 192.168.1.100 which we set up in the previous section.

Cisco Routers
By default Cisco routers send syslog messages to their logging server with a default facility of local7. We won't set the facility in this case, but we can tell the router to timestamp the messages and make the messages have the source IP address of the loopback interface.

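service timestamps log datetime localtime
no logging console
no logging monitor
! Source syslog packets from the loopback address (assumes the interface is Loopback0)
logging source-interface Loopback0
! 192.168.1.100 is your log server IP
logging 192.168.1.100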

Catalyst CAT Switches running CATOS
By default Cisco switches also send syslog messages to their logging server with a default facility of local7. We won't change this facility either, therefore making routers and switches log to the same file.

set logging server enable
! 192.168.1.100 is your log server IP
set logging server 192.168.1.100
set logging level all 5
set logging server severity 6
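
To confirm what a device is actually sending, decode the `<PRI>` value at the start of each syslog datagram: it encodes the facility (local7 here) and the severity that the thresholds above act on. The following is an added example, not part of the original post; the function names and the sample line are constructed for illustration.

```python
import re
import socket

# Syslog PRI = facility * 8 + severity (RFC 3164). local0..local7 are facilities 16..23.
FACILITIES = {16 + n: f"local{n}" for n in range(8)}
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(rb"^<(\d{1,3})>")


def decode_pri(datagram: bytes):
    """Return (facility, severity) codes from a raw syslog datagram, or None if malformed."""
    match = PRI_RE.match(datagram)
    if match is None:
        return None
    pri = int(match.group(1))
    if pri > 191:  # 23 * 8 + 7 is the largest valid PRI
        return None
    return divmod(pri, 8)


def describe(datagram: bytes) -> str:
    """Render the PRI as 'facility.severity', the form syslog filters are written in."""
    decoded = decode_pri(datagram)
    if decoded is None:
        return "malformed"
    facility, severity = decoded
    return f"{FACILITIES.get(facility, f'facility{facility}')}.{SEVERITIES[severity]}"


def forwarded(datagram: bytes, max_severity: int = 6) -> bool:
    """True if a device limited to severities 0..max_severity would send this message."""
    decoded = decode_pri(datagram)
    return decoded is not None and decoded[1] <= max_severity


def build_test_message(text: str, facility: int = 23, severity: int = 5) -> bytes:
    """Build a minimal test datagram; defaults to local7.notice like the Cisco examples."""
    return f"<{facility * 8 + severity}>{text}".encode("ascii", "replace")


# Constructed sample in the shape of an IOS log line (not captured from a real device).
SAMPLE = b"<189>45: Dec  1 10:15:02: %SYS-5-CONFIG_I: Configured from console by vty0"

if __name__ == "__main__":
    print(describe(SAMPLE))  # facility.severity of the sample
    # Send one test line to the log server from the page (UDP 514), then check its log file.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(build_test_message("syslog-ng test message"), ("192.168.1.100", 514))
```

Run it from any host that can reach the log server; the test line should appear in whichever file the server writes local7 messages to.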

If you have any problems with the configuration, please post them in the comment box.
