Enabling Syslog on a Unix Server
Problem
You want to configure a Unix server to accept syslog messages from routers.
Solution
For most flavors of Unix and Linux, you simply need to modify the /etc/syslog.conf file on your Unix server to include the following entry (basic configuration):
local7.info /var/log/rtrlog
This example stores all router messages using the default logging facility for Cisco routers, local7. It also stipulates that router log messages with a severity level of informational or greater (refer to Table 18-1) will be directed to the file /var/log/rtrlog. The syntax of the syslog.conf file is log facility.priority notation, followed by a filename.
Warning
Note that the syslog.conf file needs tabs, and not spaces, between the various fields.
Discussion
By default, your syslog server may not be equipped to handle router log messages. The above configuration entry will caused the syslog daemon to store all router messages, of informational severity level and higher, to a file called /var/log/rtrlog. Before the server will begin forwarding messages to this file, it must exist and have the proper file attributes:
Freebsd#cd
/var/log Freebsd#
/var/log
touch
Freebsd#
rtrlog
chmod
Freebsd#
644 rtrlog
Then you should reload or HUP the syslog daemon to force it to read your new configuration file and begin storing router log messages. On System V-based Unix servers, use the following commands:
Solaris#ps -ef | grep syslogd
root142
1 0 Nov 12 ? 1:21 /usr/sbin/syslogd -m 30 Solaris# ...
Get Cisco IOS Cookbook, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.