Setting Up Syslog on a Linux Box for Your IOS Devices
A few articles ago, we discussed getting logging up and running on your IOS box. Part of the discussion was actually having the device log remotely to a box somewhere, but that’s kind of worthless without a properly (for definitions of proper) configured syslog server. A low-end Linux box with an appropriate amount of disk space is a really good candidate to do this for you. I’ll assume you’re running some Redhat-based distro.
I won’t go through the installation, but it should be easy. Just look for the syslog packages for your distro and you should wind up with a working copy on your box. On a Redhat distro, you’ll probably just do a yum install syslog to get it working.
The first thing you need to do is to configure the daemon to listen for remote machines, so open in /etc/sysconfig/syslog in your favorite editor (read: vi) and change the SYSLOGD_OPTIONS line to read this.
SYSLOGD_OPTIONS="-m 0 -r"
By default, if you restarted the daemon now, you’d wind up sending all your syslog messages to /var/log/boot.log. That may be alright for you, but, if you have a lot of devices, you may want to log them to another file. To do that, you need to change the local7 line at the bottom of /etc/syslog.conf. Just add this and comment out the original line.
# Write router messages to /var/log/cisco.log local7.* /var/log/cisco.log
That’s all the configuration you need, so let’s restart the service for everything to spring into action.
/etc/init.d/syslogd restart
In a perfect world, when your IOS devices are configured properly, you’ll have a nice log of IOS messages to keep for posterity.
Related Posts
2008-08-11
2008-07-10
2008-06-24