Syslog Configuration (Cisco)
In this Syslog Configuration example, we will learn How to do Syslog Configuration on Cisco Routers. Here, we will use the below simple topology consist of a Cisco Router and a Syslog Server.
Here, we will go through 3 steps, these are:
- IP Configurations
- Syslog Configuration
- Checking Logs
So, let’s start Syslog Configuration step by step.
Firsty, we will do the ip configurations of both router and server interfaces. This is a classical IP address configuraration. We will use the below ip addresses:
Router Fa0/0 -> 10.0.0.1/24
Server Fa0 -> 10.0.0.2/24
On Router we will do the below configuration:
Router # configure terminal
Router (config)# interface fastEthernet 0/0
Router (config-if)# ip address 10.0.0.1 255.255.255.0
Router (config-if)# no shutdown
Router (config-if)# exit
On Server we will do the below configuration:
In this step, we will configure 3 sub steps. These are the main Syslog configuration steps in a router. Here, we will do the below jobs:
- Enabling Syslog
- Setting Syslog Server IP
- Setting Trap Level
On Cisco routers, firstly we will enable syslog with “logging on” command.
Router (config)# logging on
After that we will enter the Log Server IP address. This IP address will be the interface IP address of our Syslog Server. It is 10.0.0.2.
Router (config)# logging 10.0.0.2
Lastly, we will set the trap level. As you can see in the first Picture, there are 8 trap levels. These are:
- 0 Emergency
- 1 Alert
- 2 Critical
- 3 Error
- 4 Warning
- 5 Notification
- 6 Informational
- 7 Debug
Here, if you select any of these levels, all the other levels lover than it, will be showed in the logs. For example if you select Critical level (3), then Critical (3), Alert(2) and Emergency(1) Levels will be in the logs. For thsi example, we will set tap level as “debug”. So, we will see all the logs after this configuration.
Router (config)# logging trap debugging