Network monitoring tools must be used to efficiently manage Cisco equipment. Although SNMP can be used to check the status of network equipment, checking the real-time log of the system is an increasingly important issue.
Let’s explain and understand the details of Syslog here.
[Global common]
service timestamps debug datetime msec localtime show-timezone year
service timestamps log datetime msec localtime show-timezone year
service sequence-numbers <– Stamp logger messages with a sequence number
ntp logging – logging NTP
epm logging – logging EPM Global Configuration
process cpu threshold type total rising 80 interval 5
memory free low-watermark processor 20000
memory free low-watermark io 20000
logging host 10.1.1.x transport udp port 514
logging trap informational
logging userinfo
archive – Archive the configuration
log config – Logging changes to the running configuration
logging enable
logging size 250
notify syslog contenttype plaintext
hidekeys- suppress output (e.g. passwords) when displaying logged commands
Login – Enable secure login checking
login on-failure log
login on-success log
[Interface]
logging event link-status
logging event trunk-status
logging event status
logging event spanning-tree
logging event power-inline-status
logging event subif-link-status
arp log threshold entries 2048
[DHCP]
ip dhcp limit lease log
ip dhcp conflict logging
[NAP]
ip nat log translations syslog
[IP Access List]
ip access-list logging hash-generation
[MAC]
mac address-table notification mac-move – Enable Mac Move Notification
mac address-table notification change – Enable/Disable MAC Notification feature on the switch
[Spanning Tree]
spanning-tree logging – Enable Spanning tree logging