Log store is very popular. The information is usually stored includes the port status, security alerts and the status of the environment .... Here is a typical configuration log:

logging buffered 16384
logging trap debugging
logging facility local7 <- Syslog facility on syslog server
logging 169.222.32.1 <- IP address of your syslog server



to set the syslog daemon on the 4.3 BSD Unix, used a wrong line in the file
/ Etc / syslog.conf:

local7.debugging / usr / adm / logs / cisco.log

By default, the log message would not have timestamps. If you want to add timestamps assigned to each log line, add the following commands:

service timestamps debug datetime localtime show-timezone msec
service timestamps log datetime localtime show-timezone msec

This time, the result of the message looks like:

Jul 27 15 23,235 AEST:% SYS-5-CONFIG_I: Configured from console by philip on console
The parameters of the command:
- Debug: All debug information will be labeled time.
- Log: All log information will be labeled time.
- Datetime: the date and time will appear in the message.
- Localtime: Time is used as a local (not UTC).
- Show-timezone: timezone shows.
- Msec: the exact time to milliseconds.

Can also specify an IP address for the log message.

logging source-interface loopback0

SYSLOG data analysis:

Here are the software tools used to analyze the syslog.

Cisco Resource Manager http://translate.googleusercontent.com/translate_c?hl=en&sl=vi&tl=en&u=http://www.cisco.com/warp/public/734/crm/index.shtml&rurl=translate.google.com&twu=1&usg=ALkJrhhcUd116B_mFqtQB6FZSkLV12NQZQ
Private I http://translate.googleusercontent.com/translate_c?hl=en&sl=vi&tl=en&u=http://www.4privatei.com/&rurl=translate.google.com&twu=1&usg=ALkJrhhTkpW1RXR32o7MS_WNhyaqLqZWGw
Crystal Reports http://translate.googleusercontent.com/translate_c?hl=en&sl=vi&tl=en&u=http://www.seagatesoftware.com/crystalreports/&rurl=translate.google.com&twu=1&usg=ALkJrhhkCy39DiinjbbxGXQI00S83_tkJQ

Example configuration. In this example, router R2 will specify the address 150.50.17.5 as the logging server. These messages are sent out the attached timestamp. All log messages will be sent out on the logging server as well will have been cached on R2 15000 bytes.

Router 2:


Current configuration: 761 bytes
!
Version 1.12
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime localtime show-timezone msec
no service password-encryption
!
hostname R2
!
logging buffered 15000 debugging
!
clock timezone CST -6
clock summer-time CDT recurring
ip subnet-zero
no ip finger
!
interface Loopback0
ip address 200.0.0.2 255 255 255 255
!
interface Ethernet0
ip address 150.50.17.2 255.255.255.0
!
ip classless
ip http server
!
logging trap debugging
logging 150.50.17.5
!
end