Syslog
Application protocol and event logging format enabling different appliances and software applications to transmit logs or event records to a central server.
Syslog collectors operate on 514/udp.
Messaging
Syslog messages can be generated by Cisco routers and switches, as well as Linux/UNIX servers and workstations. All syslog messages have a PRI code, a header with a timestamp and a hostname, and a message part. The PRI code is calculated from the facility and the severity level. The message part contains a tag showing the source process, followed by its content. The format of the content is application dependent, but the most commonly used format is JSON.
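The following parser is an added example, not part of the original page. It splits a message into the parts described above and recovers facility and severity from the PRI code (PRI = facility * 8 + severity). The BSD-style layout (RFC 3164), the sample messages and the host names are assumptions made for illustration.

```python
import json
import re

SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]

# Assumed layout (BSD style, RFC 3164): <PRI>timestamp hostname tag[pid]: content
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<timestamp>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<hostname>\S+) "
    r"(?P<tag>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: ?"
    r"(?P<content>.*)$"
)

def parse_syslog(line):
    """Split one syslog line into PRI fields, header fields and message part."""
    m = LINE_RE.match(line)
    if m is None:
        raise ValueError("line does not match the assumed syslog layout")
    pri = int(m.group("pri"))
    if pri > 191:  # 23 * 8 + 7 is the highest valid PRI
        raise ValueError(f"PRI {pri} is out of range")
    facility, severity = divmod(pri, 8)  # PRI = facility * 8 + severity
    try:
        decoded = json.loads(m.group("content"))
    except ValueError:
        decoded = None  # free-text content, keep only the raw string
    return {
        "facility": facility,
        "severity": severity,
        "severity_name": SEVERITIES[severity],
        "timestamp": m.group("timestamp"),
        "hostname": m.group("hostname"),
        "tag": m.group("tag"),
        "pid": m.group("pid"),
        "content": m.group("content"),
        "json": decoded if isinstance(decoded, dict) else None,
    }

# Constructed sample messages (not captured from a real system)
SAMPLES = [
    "<34>Oct 11 22:14:15 web01 sshd[4721]: Failed password for admin from 192.0.2.10",
    '<134>Oct  3 08:01:02 app02 billing: {"event": "login", "user": "alice"}',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_syslog(sample))
```

A collector that rejects out-of-range PRI values and malformed headers, as this parser does, avoids indexing garbage under a wrong facility or severity.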
Configuration
Configure a Cisco IOS router to send Syslog messages to a server running Kiwi, a simple, free server software.
Command | Description
conf t | Enter global configuration mode.
service timestamps log datetime msec | Configure the router to log timestamps.
logging 10.10.10.250 | Configure the router to send logs to the specified server.
logging trap [log level|debugging] | Configure the router to send logs corresponding to the eight logging levels.