Setup nodes to send logs to Ubuntu server

Featured Image
Hasan-Uz-Zaman Ashik

Written by Hasan-Uz-Zaman

Log Analysis

0 Comments(s)

February 3, 2021

h

Table of Contents

$
Setup Syslog-ng in the server
$
Configure Syslog-ng to accept logs from sources
$
Configure remote nodes to send logs to the Ubuntu server
$
Configure destinations to store logs
$
Develop web tool/ install database client tool/ data analysis tool to visualize logs

In this blog post, we’ll explore the basic commands used to configure syslog on switch routers.

Enabling Syslog

The first step in configuring syslog on switch routers is to enable the service. This is done using the following command:

Router# configure terminal Router(config)# logging on

This command enables syslog logging on the router.

Setting the Logging Level

The next step is to set the logging level. The logging level determines which messages are logged by the router. The levels range from 0 to 7, with 0 being the most critical messages and 7 being the least critical. The following command sets the logging level to level 5:

Router(config)# logging console 5

This command sets the console logging level to 5.

Configuring the Syslog Server

The final step is to configure the syslog server. This is the device that will receive the syslog messages from the router. The following command sets the IP address of the syslog server:

Router(config)# logging host <IP address>

This command sets the IP address of the syslog server.

Verifying Syslog Configuration

Once syslog is configured on the router, you can verify the configuration using the following command:

Router# show logging

Vendor : Huawei
Type : Router 
Models : 

HUAWEI NE40E-X8A
HUAWEI NE40E-X3A
HUAWEI NE40E-M2K
HUAWEI NE20E-S2F
HUAWEI NE05E-SE
HUAWEI ATN 910B-F DC

Command

info-center source default channel 2 trap state off debug level informational
info-center loghost source LoopBack0
info-center loghost your_log_server_ip level informational
info-center timestamp debugging date precision-time second without-timezone
info-center timestamp log date precision-time millisecond without-timezone
info-center logbuffer size 10240

Vendor : Huawei
Type : Switch
Models : 

HUAWEI CE6865-48S8CQ-EI
HUAWEI S6320-30C-EI-24S-DC
HUAWEI S6320-50L-HI-48S
Quidway S6324-EI
HUAWEI S5720-28X-LI-24S-AC
Quidway S5328C-EI-24S
HUAWEI S5320-32X-EI-24S-DC
HUAWEI S5320-32X-EI-24S-AC
HUAWEI S5320-32X-EI-DC
HUAWEI S5300-28X-LI-24S-AC
Quidway S3700-28TP-EI-24S-AC
Quidway S3328TP-EI-24S
Quidway S3328TP-SI
HUAWEI S2320-28TP-EI-AC
Quidway S2318TP-EI

Command

info-center source default channel 2 trap state off debug level informational
info-center loghost your_log_server_ip facility local1
info-center timestamp debugging date precision-time second
info-center timestamp log date precision-time millisecond
info-center timestamp debugging date precision-time second without-timezone
info-center timestamp log date precision-time millisecond without-timezone
info-center logbuffer size 1024

Vendor : Cisco
Type : Router IOS-XR
Models : 

Cisco ASR 9010
Cisco ASR-9001
Cisco NCS-5500
Cisco NCS-540

Command

logging on
logging trap informational
logging events level informational
logging buffered 125000000
logging facility local7
logging your_log_server_ip vrf default severity info port default
logging source-interface Loopback0
logging events link-status software-interfaces
logging hostnameprefix your_log_server_ip
logging console notifications
logging monitor debugging
logging events link-status software-interfaces

 

Vendor : Cisco
Type : Router IOS-XE
Models : 

Cisco ASR-903 (RSP2)
Cisco ASR-903 (RSP1)
Cisco ASR-902 (RSP2)
Cisco ASR 920 24SZIM
Cisco ASR-920-24SZM
Cisco ASR-920-12CZ-D
Cisco ASR-920-8S4Z-PD
Cisco A901-12C-F-D
Cisco A901-12C-FT-D
Cisco A901-6CZ-F-D
Cisco A901-6CZ-F-A
Cisco A901-6CZ-FT-D

Command

logging host your_log_server_ip
logging on
logging monitor
logging buffered 64000 informational
logging trap informational
logging console notifications

Vendor : Cisco
Type : Switch
Models : 

Cisco ME-3800X-24FS-M
Cisco ME-3400-24FS-A
Cisco ME-3400-24TS-A
Cisco WS-C2960-24TC-L
Cisco WS-C2960-24TC-S

Command

logging facility local1
logging source-interface Loopback1
logging your_log_server_ip
logging esm config
logging buffered 64000 informational

In conclusion, configuring syslog on switch routers is a critical task for any network administrator. By using the basic commands above, you can enable syslog logging, set the logging level, configure the syslog server, and verify the configuration. With an effective syslog configuration in place, you can centralize your logs and manage them more effectively.

Categories

You May Also Like…

Hasan-Uz-Zaman

Hasan-Uz-Zaman

Network Engineer

Zaman is an aspiring Technical Writer and passionate about software-defined networking (SDN), Network Automation, Ansible, Log data management (Syslog-ng), Python tools, Web Application development (django) etc.

Let's start talking!

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *