简单配置CISCO设备的syslog
ROUTER
Router(config)#logging 192.168.0.30
!—配置syslog服务器地址,可以定义多个
Router(config)#service timestamps debug datetime localtime show-timezone msec
Router(config)#service timestamps log datetime localtime show-timezone msec syslog
!—信息包含时间戳
Router(config)#logging facility local3
!—定义facility级别,不同设备不同参数,目前还不明白是什么意思!
Router(config)#logging trap warning
!—定义severity级别缺省为infor级别,一共8个级别,可以用数字表示
Router#show logging
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Console logging: level debugging, 79 messages logged
Monitor logging: level debugging, 0 messages logged
Buffer logging: disabled
Trap logging: level warnings, 80 message lines logged
Logging to 192.168.0.30, 57 message lines logged
SWITCH(CATOS)
Console> (enable) set logging timestamp enable
!—定义信息包含日期戳
Console> (enable) set logging server 192.168.0.30
!—指定服务器地址,最多可以指定3个
Console> (enable) set logging server facility local4
!—定义facility级别,同上,没有搞定这个具体是干什么的。
Console> (enable) set logging server severity 4
!—定义severity级别除了前面提到的路由器上的severity级别以外还有一些交换机特有的
Console> (enable) set logging server enable
!—启用syslog服务
Console> (enable) show logging
Logging buffered size: 500
timestamp option: enabled
Logging history size: 1
Logging console: enabled
Logging server: enabled
{192.168.0.30}
server facility: LOCAL4
server severity: warnings(4
Current Logging Session: e
nabled
Facility Default Severity Current Session Severity
————- ———————– ————————
cdp 3 4
drip 2 4
PIX
Firewall(config)# loggin timestamp
!—定义信息包含日期戳
Firewall(config)# logging host 192.168.0.30
!—服务器地址,可以指定以udp或者tcp来发送信息,具体看相关文档。
Firewall(config)# logging facility 21
!—定义facility级别,防火墙使用两位字符,local0对应16,依次类推,缺省为20也就是local4,具体含义没弄清楚。
Firewall(config)# logging trap 7
!—定义severity级别,7为debug,0为emer,1为alert.
Firewall(config)# logging on
!—启用syslog
Firewall(config)# no logging message 111005
!–抑制特定的syslog信息,111005具体代表什么,请查看相关文档。
Firewall(config)# exit
Firewall# show logging
Syslog logging: enabled
Facility: 21
Timestamp logging: enabled
Standby logging: disabled
Console logging: disabled
Monitor logging: disabled
Buffer logging: disabled
Trap logging: level debugging, 6 messages logged
Logging to inside 192.168.0.30
History logging: disabled
Device ID: disabled
根据相关的版本和不同的设备,可能设置会有些不同,请上Cisco Documentation上查找相关文档。