Operating Systems Linux Syslog Server for Cisco Devices Post 302837375 by DGPickett on Thursday 25th of July 2013 03:40:38 PM
Most robust would be to have the syslog server be a broadcast address on a small subnet, where there are two LINUX boxes providing redundant syslog service. Syslog should use UDP packets, so both machines will log the same packets.

Logging on every syslog server is controlled by the configuration file, which specifies key filters for each configured output file.
Man Page for syslog.conf (all Section 4) - The UNIX and Linux Forums
Man Page for syslogd (all Section 1m) - The UNIX and Linux Forums

If the syslog is configured remote, the local server should not be seeing the packets, unless it is double-logging.

I usually google for tutorials to get started.
syslog tutorial - Google Search
 

syslog_evm.conf(4)                Kernel Interfaces Manual                syslog_evm.conf(4)

NAME
    syslog_evm.conf - EVM syslog subscription configuration file

SYNOPSIS
    facility.priority

DESCRIPTION
    The syslog_evm.conf file is a text file that specifies what syslog messages will be forwarded from the syslog daemon to the Event Manager, EVM, in the form of EVM events. Those syslog messages are posted to the EVM daemon evmd by syslogd if the syslogd forwarding function is turned on with the -e flag. Events are posted with the EVM name of sys.unix.syslog.facility-name.

    This configuration file is read every time syslogd starts, or is restarted by a SIGHUP signal. If the file does not exist, or if it exists but contains no subscription lines, no syslog messages will be posted to EVM.

    Each line in the file controls the forwarding of one syslog event. Lines beginning with the # character are considered comments and are ignored. Only one subscription per line is permitted. Mixing a subscription and a comment on the same line is not allowed.

    Each line has the format facility.priority[+].

    Specifies the part of the system that generated the message. Legal values are the following:

        All messages.
        Messages generated by the kernel.
        Messages generated by user processes.
        Messages generated by the mail system.
        Messages generated by system daemons.
        Messages generated by the authorization system.
        Messages generated internal to the syslog system.
        Messages generated by the line printer spooling system.
        Messages generated by the system news command.
        Messages generated by the UNIX to UNIX copy system.
        Messages generated by the system clock daemon.
        Messages generated by remote file systems.
        Available for local use.

    Indicates the priority of the message. If the priority is followed by a + character, events which are of the specified priority or higher are forwarded; otherwise only events which exactly match the priority are forwarded. The priority level must be one of the following:

        Forward messages of any priority.
        Forward messages of emergency priority.
        Forward messages of alert priority.
        Forward messages of critical priority.
        Forward messages of error priority.
        Forward messages of warning priority.
        Forward messages of notice priority.
        Forward messages of information priority.
        Forward messages of debug priority.

EXAMPLES
    This example causes syslogd to forward events to EVM as follows: All messages of emergency priority are forwarded. All messages generated in the kernel which have a priority of info or greater are forwarded. All messages generated by users, by the mail subsystem or by the system daemons which have a priority of info or greater are forwarded.

        *.emerg
        kern.info+
        user.notice+
        mail.notice+
        daemon.notice+

FILES
    Location of the system logger configuration file.
    Location of the EVM syslog subscription configuration file.
    Location of the EVM logger configuration file.

SEE ALSO
    Commands: evmd(8), evmlogger(8), syslog(1), syslogd(8)
    Routines: syslog(3)
    Event Management: EVM(5)
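
The subscription rules in the man page above, worked through as an added Python example (not part of the man page or the forum post): it parses subscription lines, rejects the two forms the text forbids, and applies the exact-match versus "+" rule. The priority keywords are the standard syslog names and the "*" priority wildcard is assumed, since the keyword column is missing from this copy; the function names and the sample file are constructed for illustration.

```python
import re

# Standard syslog priority keywords, most severe first. Assumed: the keyword
# column is missing from this copy of the man page.
PRIORITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample: the man page's example plus two lines that break its rules.
SAMPLE = """\
# forward to EVM
*.emerg
kern.info+
user.notice+
mail.notice+
daemon.notice+
auth.err+   # inline comment
kern.info+ mail.err
"""

LINE_RE = re.compile(r"^([a-z0-9*]+)\.([a-z*]+)(\+?)$")

def parse(text):
    """Return (subscriptions, rejected); a subscription is (facility, priority, plus)."""
    subs, rejected = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.startswith("#"):
            continue  # blank line (assumed harmless) or whole-line comment
        m = LINE_RE.match(raw.strip())
        # One subscription per line, no comment on the same line, known priority.
        if not m or m.group(2) not in PRIORITIES + ["*"]:
            rejected.append((lineno, raw))
            continue
        subs.append((m.group(1), m.group(2), m.group(3) == "+"))
    return subs, rejected

def forwarded(subs, facility, priority):
    """True if a message with this facility and priority matches any subscription."""
    sev = PRIORITIES.index(priority)
    for fac, pri, plus in subs:
        if fac not in ("*", facility):
            continue
        if pri == "*":  # assumed wildcard for "any priority"
            return True
        want = PRIORITIES.index(pri)
        # "+" forwards the named priority or higher (lower index); else exact match.
        if sev == want or (plus and sev < want):
            return True
    return False
```

Note that `*.emerg` without a trailing `+` forwards only emergency messages, so an alert from a facility with no subscription of its own is not forwarded.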