Configure a UNIX System Log and Syslog Host

Configure syslog to control the facility on UNIX machines that logs SNMP messages and assigns each message a severity level based on importance.

About this task

You can log system log messages to external system log hosts with both IPv4 and IPv6 addresses with no difference in functionality or configuration.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Enable the system log:

    syslog enable

  3. Configure the maximum number of syslog hosts:

    syslog max-hosts <1-10>

  4. Create the syslog host:

    syslog host <1-10>

  5. Configure the IP address for the syslog host:

    syslog host <1-10> address WORD <0-46>

  6. Enable the syslog host:

    syslog host <1-10> enable

    Configure optional syslog host parameters by using the variables in the following variable definition tables.

  7. View the configuration to ensure it is correct:

    show syslog [host <1-10>]

Examples

Switch:1(config)#syslog enable
Switch:1(config)#syslog host 7 address 192.0.2.1
Switch:1(config)#syslog host 7 enable
Switch:1(config)#show syslog host 7

                 Id : 7
             IpAddr : 192.0.2.1
            UdpPort : 514
           Facility : local7
           Severity : info|warning|error|fatal
    MapInfoSeverity : info
 MapWarningSeverity : warning
   MapErrorSeverity : error
     MapMfgSeverity : notice
   MapFatalSeverity : emergency
             Enable : true
SecureForwardingMode: none
           Tcp Port : 1025
Switch:1(config)#show syslog             

 Enable    : true
 Max Hosts : 5
 OperState : active
 header : default
 Total number of configured hosts : 3
 Total number of enabled hosts : 1
 Configured host : 7  8  9
 Enabled host : 7

 TLS-minimum-version           : tlsv11
 Ciphers-Tls                   : TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA
                                 TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA

Variable Definitions

The following table defines parameters for the syslog command.

Variable

Value

enable

Enables the sending of syslog messages on the device. Use the no operator before this parameter, no syslog enable, to disable the sending of syslog messages on the device. The default is enabled.

max-hosts <1-10>

Specifies the maximum number of syslog hosts supported, from 1–10. The default is 5.

The following table defines parameters for the syslog host command.

Variable

Value

1–10

Creates and configures a host instance. Use the no operator before this parameter, no syslog host, to delete a host instance.

address WORD <0-46>

Configures a host location for the syslog host. WORD <0-46> is the IPv4 or IPv6 address of the UNIX system syslog host in the format A.B.C.D or x:x:x:x:x:x:x:x. You can log system log messages to external system log hosts with both IPv4 and IPv6 addresses with no difference in functionality or configuration.

enable

Enables the syslog host. Use the no operator before this parameter, no syslog host enable, to disable the syslog host. The default is disabled.

facility {local0|local1|local2|local3|local4|local5|local6|local7}

Specifies the UNIX facility in messages to the syslog host. {local0|local1|local2|local3|local4|local5|local6|local7} is the UNIX system syslog host facility. The default is local7.

maperror {emergency|alert|critical|error|warning|notice|info|debug}

Specifies the syslog severity to use for error messages. The default is error.

mapfatal {emergency|alert|critical|error|warning|notice|info|debug}

Specifies the syslog severity to use for fatal messages. The default is emergency.

mapinfo {emergency|alert|critical|error|warning|notice|info|debug}

Specifies the syslog severity level to use for information messages. The default is info.

mapwarning {emergency|alert|critical|error|warning|notice|info|debug}

Specifies the syslog severity to use for warning messages. The default is warning.

severity <info|warning|error|fatal> [<info|warning|error|fatal>] [<info|warning|error|fatal>] [<info|warning|error|fatal>]

Specifies the severity levels for which to send syslog messages. You can specify up to four severity levels in the same command string. The default is info.

udp-port <514-530>

Specifies the User Datagram Protocol port number on which to send syslog messages to the syslog host. This value is the UNIX system syslog host port number from 514–530. The default is 514.
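
The facility and map* settings above decide the priority (PRI) value the collector sees on each forwarded message. The following is an added example, not part of the vendor documentation: it parses the `show syslog host` output from the Examples section and derives the PRI expected for each device severity, so collector filters can be checked against the switch configuration. It assumes the standard syslog encoding PRI = facility * 8 + severity; the function names and the received message lines in the test are constructed for illustration.

```python
import re

# Standard syslog numbering: local0..local7 are facilities 16..23
FACILITY = {f"local{i}": 16 + i for i in range(8)}
SEVERITY = {"emergency": 0, "alert": 1, "critical": 2, "error": 3,
            "warning": 4, "notice": 5, "info": 6, "debug": 7}

# Sample input: "show syslog host 7" fields copied from the Examples section
SHOW_OUTPUT = """\
                 Id : 7
             IpAddr : 192.0.2.1
            UdpPort : 514
           Facility : local7
           Severity : info|warning|error|fatal
    MapInfoSeverity : info
 MapWarningSeverity : warning
   MapErrorSeverity : error
     MapMfgSeverity : notice
   MapFatalSeverity : emergency
             Enable : true
"""

def parse_show(text):
    """Turn 'Key : value' lines into a dict (split on the first colon only,
    so IPv6 addresses in the value survive)."""
    cfg = {}
    for line in text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            cfg[key.strip()] = value.strip()
    return cfg

def expected_pri(cfg):
    """PRI the collector should see for each device severity this host forwards."""
    fac = FACILITY[cfg["Facility"]]
    return {level: fac * 8 + SEVERITY[cfg[f"Map{level.capitalize()}Severity"]]
            for level in cfg["Severity"].split("|")}

def classify(line, cfg):
    """Device severity for a received line, or None if its PRI does not
    match anything this host is configured to send."""
    m = re.match(r"<(\d{1,3})>", line)
    if not m:
        return None
    by_pri = {pri: level for level, pri in expected_pri(cfg).items()}
    return by_pri.get(int(m.group(1)))
```

With the defaults shown, a collector should only ever receive PRI 184, 187, 188 or 190 from this host; anything else from 192.0.2.1 indicates a changed mapping or a message that did not originate from this configuration.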