To setup RSYSLOG with Cisco router, we need to first install the packet on the linux by entering apt-get install rsyslog.
After installing the package, we will then proceed to configure the configuration by opening /etc/rsyslog.conf.
Uncomment # provides UDP syslog reception $ModLoad imudp $UDPServerRun 514 and then add local7.* /var/log/cisco to the configuration.
Lastly, add $AllowedSender UDP, 127.0.0.1, (ip address) to the end of the configuration file. Restart the service by service rsyslog restart. Create the log file in /var/log/ by entering touch cisco.
For the router, enable logging by entering logging host (linux ip address) sequence-num-session in the global configuration mode.sequence- num-session (Optional) Includes a session sequence number tag in the syslog message. logging trap (1-7) to filter out the priority of the logs.
Generate some logging traffic and verify if the logging is sucessful or not by opening the log file created in /var/log/cisco.
Cisco log reference : http://www.cisco.com/c/en/us/td/docs/ios/netmgmt/command/reference/nm_book/nm_09.html#wp1082864
Tidak ada komentar:
Posting Komentar