In my homelab setup I am dumping syslog from all my devices to my Linux desktop. I have not figured out what I am going to do with it yet, but I see myself setting up either Splunk or Graylog in the near future. Note: a while back I wrote a post on how to configure rsyslog on RHEL 6, so if you are interested you can find that post here.
So let's get down to brass tacks and configure some freaking syslog.
In this instance we are configuring syslog redirection on a Cisco 3548xl switch. Note we are in configure terminal mode.
First we must tell our device to insert timestamps on
s-3550-1(config)#service timestamps log datetime
Now we tell the device where to send the syslog messages
s-3550-1(config)#logging 192.168.0.195
Now we tell the device which log levels to send to the syslog server. In this instance I am sending warning-level messages and above. This is pretty verbose, but it's a home lab so I am not worried about a slew of log messages pounding my syslog server.
s-3550-1(config)#logging trap warning
For reference I am including the logging levels below.
Emergency: 0
Alert: 1
Critical: 2
Error: 3
Warning: 4
Notice: 5
Informational: 6
Debug: 7
Now let's review what we have done with the show logging command.
s-3550-1#show logging
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 13 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: level debugging, 13 messages logged
File logging: disabled
Trap logging: level warnings, 13 message lines logged
Logging to 192.168.0.195, 0 message lines logged
Note that this procedure is exactly the same on my Cisco 2621 switch.
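As an added example (not part of the original post), here is a receiver-side check that decodes the syslog PRI value into facility and severity and flags anything that should not arrive under `logging trap warning`. It assumes the switch uses the default local7 facility and IOS-style `%FACILITY-SEVERITY-MNEMONIC` tags; the function names are hypothetical and the sample lines are constructed.

```python
import re

# Severity names in the order the post lists them (0 = most severe).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]

# <PRI>, sequence number/timestamp, then %FACILITY-SEVERITY-MNEMONIC: text
LINE_RE = re.compile(r"^<(\d{1,3})>.*?%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):\s*(.*)$")

# Constructed sample datagrams (not captured from a real switch).
SAMPLE = [
    "<187>41: Mar  1 00:05:12: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down",
    "<188>42: Mar  1 00:05:40: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/2",
    "<189>43: Mar  1 00:06:02: %SYS-5-CONFIG_I: Configured from console by console",
    "<188>44: Mar  1 00:06:30: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up",
    "not a syslog line",
]


def parse(line):
    """Decode one raw syslog datagram; return None if it does not match."""
    m = LINE_RE.match(line)
    if not m or int(m.group(1)) > 191:  # 191 = facility 23, severity 7
        return None
    pri = int(m.group(1))
    return {
        "facility": pri >> 3,            # PRI = facility * 8 + severity
        "severity": pri & 7,
        "tag_severity": int(m.group(3)),  # severity digit inside the % tag
        "mnemonic": f"{m.group(2)}-{m.group(4)}",
        "text": m.group(5),
    }


def audit(lines, trap="warning"):
    """Return (finding, line) pairs for messages that violate the trap level."""
    threshold = SEVERITIES.index(trap)
    findings = []
    for line in lines:
        msg = parse(line)
        if msg is None:
            findings.append(("unparsed", line))
        elif msg["severity"] != msg["tag_severity"]:
            findings.append(("severity-mismatch", line))
        elif msg["severity"] > threshold:  # numerically higher = less severe
            findings.append(("outside-trap-level", line))
    return findings


if __name__ == "__main__":
    for finding, line in audit(SAMPLE):
        print(f"{finding}: {line}")
```

A message flagged as outside the trap level means the device's `logging trap` setting does not match what the receiver expects, which is worth checking against the `show logging` output.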