The objective of this lab exercise is for you to learn and understand how to configure Cisco IOS devices to send log messages to a SYSLOG server.
Configuring Cisco IOS devices to send logging information to a SYSLOG server is a fundamental skill. In most networks, a SYSLOG server is present and devices are configured to send log messages to this central repository. Users or groups managing this central repository can therefore see alarms from devices and act accordingly to address the issues. As a Cisco engineer, as well as in the Cisco CCNA exam, you will be expected to know how to configure Cisco IOS devices to send log messages to SYSLOG servers.
This lab is suitable for CCENT and CCNA certification exam preparation.
This lab has a difficulty rating of 5/10.
When you are ready for your certification exam, you should complete this lab in no more than 5 minutes.
IMPORTANT NOTE: The objective of this lab is to simply familiarize you with the steps required to configure a Cisco IOS device to send log messages to a SYSLOG server. Because there will be no real SYSLOG server configured against which to perform testing, the sole objective of this lab is command familiarity.
Please use the following topology to complete this lab:
Configure the hostnames on R3 and Sw1 as illustrated in the topology.
At this stage, we know that by default, all interfaces on a Cisco Catalyst Switch are in VLAN1. Therefore, simply enable interfaces FastEthernet0/2 and FastEthernet0/3 on Sw1.
Configure R3 to send SYSLOG messages up to Level 7 to the SYSLOG server 192.168.254.254.
Verify your SYSLOG configuration on R3 using the show logging command.
Configuration and Verification
For reference information on configuring hostnames, please refer to earlier labs.
Sw1#config t Enter configuration commands, one per line. End with CTRL/Z. Sw1(config)#interface fastethernet0/2 Sw1(config-if)#no shutdown Sw1(config-if)#exit Sw1(config)#interface fastethernet0/3 Sw1(config-if)#no shutdown Sw1(config-if)#^Z Sw1#
R3#conf t Enter configuration commands, one per line. End with CTRL/Z. R3(config)#logging trap debugging R3(config)#logging host 192.168.254.254 R3(config)#end R3#
NOTE: When configuring logging levels, you can use the number or the keyword for the specific level for which you want to enable logging. You can view the correlation between numbers and keywords by using a question mark after the logging trap command as illustrated below:
R3(config)#logging trap ? <0-7> Logging severity level alerts Immediate action needed (severity=1) critical Critical conditions (severity=2) debugging Debugging messages (severity=7) emergencies System is unusable (severity=0) errors Error conditions (severity=3) informational Informational messages (severity=6) notifications Normal but significant conditions (severity=5) warnings Warning conditions (severity=4)
R3#show logging Syslog logging: enabled (0 messages dropped, 1 messages rate-limited, 0 flushes, 0 overruns, xml disabled) Console logging: disabled Monitor logging: level debugging, 0 messages logged, xml disabled Buffer logging: disabled, xml disabled Logging Exception size (4096 bytes) Count and timestamp logging messages: disabled Trap logging: level debugging, 33 message lines logged Logging to 192.168.254.254, 1 message lines logged, xml disabled
NOTE: Logging using a level of 7 indicates that the device will send logs for all other levels. If you had a SYSLOG server and performed a configuration task on the router, you would see the log messages on the SYSLOG server.