In my homelab setup I am dumping syslog on all my devices to my Linux desktop. I have not figured out what I am going to do with it yet, but I see myself either setting up Splunk or Graylog in the near future. Note, a while back I wrote a post on how to configure rsyslog on RHEL 6, so if you are interested you can find that post here.
So let's get down to brass tacks and configure some freaking syslog.
In this instance we are configuring syslog redirection on a Cisco 3548xl switch. Note we are in configure terminal mode.
First we must tell our device to insert timestamps on
s-3550-1(config)#service timestamps log datetime
Now we tell the device where to send the syslog messages
Now we tell the device which log levels to send to the syslog server. In this instance I am sending warning-level messages and above. This is pretty verbose, but it's a home lab so I am not worried about a slew of log messages pounding my syslog server.
s-3550-1(config)#logging trap warning
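As an added example (not part of the original post), this Python sketch decodes the PRI value and %FACILITY-SEVERITY-MNEMONIC tag of messages as they arrive at the syslog server and reports whether a given trap level would forward them. The sample lines are constructed, and the wire layout (sequence number, datetime stamp, default facility local7) is an assumption about what the switch emits.

```python
import re

# IOS "logging trap" keywords, indexed by severity number (0 = most severe).
LEVELS = ["emergencies", "alerts", "critical", "errors",
          "warnings", "notifications", "informational", "debugging"]

# Assumed wire format: <PRI>seq: timestamp: %FACILITY-SEVERITY-MNEMONIC: text
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?:\d+: )?"
    r"(?P<stamp>[*.]?[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+): "
    r"(?P<text>.*)$")

def trap_threshold(keyword):
    """Resolve a (possibly abbreviated) trap keyword to its severity number."""
    hits = [i for i, name in enumerate(LEVELS) if name.startswith(keyword.lower())]
    if len(hits) != 1:
        raise ValueError(f"unknown or ambiguous level: {keyword!r}")
    return hits[0]

def parse(line):
    """Decode one message; return None if it is not in the assumed format."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    pri, sev = int(m["pri"]), int(m["sev"])
    return {"syslog_facility": pri >> 3,          # 23 = local7
            "severity": sev, "level": LEVELS[sev],
            "pri_matches_tag": (pri & 7) == sev,  # PRI and tag should agree
            "stamp": m["stamp"],
            "tag": f"{m['facility']}-{sev}-{m['mnemonic']}",
            "text": m["text"]}

def forwarded(line, trap_keyword):
    """True if the switch would send this message at the given trap level."""
    msg = parse(line)
    return msg is not None and msg["severity"] <= trap_threshold(trap_keyword)

# Constructed sample messages (not captured from a real device).
SAMPLES = [
    "<187>41: Mar  1 00:10:02: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up",
    "<188>42: Mar  1 00:11:40: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/2",
    "<189>43: Mar  1 00:12:34: %SYS-5-CONFIG_I: Configured from console by console",
]

if __name__ == "__main__":
    for line in SAMPLES:
        msg = parse(line)
        verdict = "sent" if forwarded(line, "warning") else "not sent"
        print(f"{msg['tag']:<24} {msg['level']:<14} {verdict}")
```

At the warning trap level the SYS-5-CONFIG_I line is reported as not sent, because notifications are severity 5 and only severities 0 through 4 pass the threshold.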
For reference I am including the logging levels below.
Now let's review what we have done with the show logging command.
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 13 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 13 messages logged
File logging: disabled
Trap logging: level warnings, 13 message lines logged
Logging to 192.168.0.195, 0 message lines logged
Note that this procedure is exactly the same on my Cisco 2621 switch.