Many network administrators overlook the importance of router logs. Logging can use for fault notification, network forensics, and security auditing.
Cisco routers log messages can handle in five different ways:
Console logging:By default, the router sends all log messages to its console port. Hence only the users that are physically connected to the router console port can view these messages.
Terminal logging:It is similar to console logging, but it displays log messages to the router's VTY lines instead. This is not enabled by default
Buffered logging:This type of logging uses router's RAM for storing log messages. buffer has a fixed size to ensure that the log will not deplete valuable system memory. The router accomplishes this by deleting old messages from the buffer as new messages are added.
Syslog Server logging :The router can use syslog to forward log messages to external syslog servers for storage. This type of logging is not enabled by default.
SNMP trap logging:The router is able to use SNMP traps to send log messages to an external SNMP server.
Sample router log messages:
|
| Level name | Router messages |
| 0 | Emergencies | System shutting down due to missing fan tray |
| 1 | Alerts | Temperature limit exceeded |
| 2 | Critical | Memory allocation failures |
| 3 | Errors | Interface Up/Down messages |
| 4 | Warnings | Configuration file written to server, via SNMP request |
| 5 | Notifications | Line protocol Up/Down |
| 6 | Information | Access-list violation logging |
| 7 | Debugging | Debug messages |
Configuration Overview:
A)Console logging:
The router does not check if a user is logged into the console port or a device is attached to it; if console logging is enabled, messages are always sent to the console port that can cause CPU load.
To stop the console logging, use the "no logging console" global configuration command .you might want to limit the amount of messages sent to the console with the "logging console level" configuration command (for example, logging console Informational).
B) Buffered logging:
You want your router to record log messages, instead of just displaying them on the console.To use logging buffered configuration command to enable the local storage of router log messages:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#logging buffered informational
Router(config)
No comments:
Post a Comment