取消
显示结果 
搜索替代 
您的意思是: 
cancel
公告

December 2020

184
查看次数
0
有帮助
4
回复
jialingwang4038
Beginner

2960没有日志的问题

几台2960进去sh logging没有日志,登录记录也没有,然后我logging on一下,再sh logging能看到登录日志了。

我觉得是配置有问题,请大佬给我看一下,谢谢!

1 个已接受解答

已接受的解答
Rps-Cheers
Rising star

您之前应该是关闭了logging,logging on命令是重新开启logging。

To re-enable message logging after it has been disabled, use the logging on global configuration command.

看您的配置中,关于logging的配置有如下:

 

archive
log config
logging enable
notify syslog contenttype plaintext
hidekeys

是开启了配置更改的logging记录,如果有配置更改,logging中会记录下来(前提是logging开启),具体可以参考示例说明:

 

https://www.cnblogs.com/MomentsLee/p/10162865.html

官方的配置示例:

Switch(config)# archive
Switch(config-archive)# log config
Switch(config-archive-log-cfg)# logging enable
Switch(config-archive-log-cfg)# logging size 500
Switch(config-archive-log-cfg)# end

第二个就是logging日志本身配置,

logging trap debugging
logging source-interface Vlan10
logging 172.16.90.3

限制记录到系统日志服务器的消息,这里是debugging级别的。然后以VLAN10为源发送logging,发送的目的地址为172.16.90.3。

 

关于2960默认的logging配置。

Feature Default Setting

System message logging to the console

Enabled.

Console severity

Debugging (and numerically lower levels; see Table 1-3).

Logging file configuration

No filename specified.

Logging buffer size

4096 bytes.

Logging history size

1 message.

Time stamps

Disabled.

Synchronous logging

Disabled.

Logging server

Disabled.

Syslog server IP address

None configured.

Configuration change logger

Disabled

Server facility

Local7 (see Table 1-4).

Server severity

Informational (and numerically lower levels; see Table 1-3).

 

如下是实际的一个配置示例:

archive
 log config
  logging enable
  notify syslog
  hidekeys

service timestamps debug datetime msec
service timestamps log datetime msec
logging userinfo
logging buffered 8192 debugging
!
line con 0
 privilege level 15
 logging synchronous
!
line vty 0 4
 password cisco
 logging synchronous
 login

如果需要配置logging destination,也可以添加命令(这里也验证了archive的命令记录了命令修改的logging)
SW(config)#logging trap debugging
SW(config)#loggin
SW(config)#logging
*Mar 1 00:14:15.591: %PARSER-5-CFGLOG_LOGGEDCMD: User:console logged command:logging trap debugging
SW(config)#logging 1.2.3.4
SW(config)#
*Mar 1 00:14:24.899: %PARSER-5-CFGLOG_LOGGEDCMD: User:console logged command:logging 1.2.3.4
SW(config)#
*Mar 1 00:14:25.899: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 1.2.3.4 started - CLI initiated

使用另外一台设备登录该SW:
Router#telnet 12.1.1.2
Trying 12.1.1.2 ... Open


User Access Verification

Password:
SW>en
Password:
SW#
SW#show logging
Syslog logging: enabled (11 messages dropped, 0 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level debugging, 44 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging: level debugging, 16 messages logged, xml disabled,
                    filtering disabled
    Logging Exception size (4096 bytes)
    Count and timestamp logging messages: disabled

No active filter modules.

    Trap logging: level debugging, 47 message lines logged
        Logging to 1.2.3.4(global) (udp port 514, audit disabled,  link up), 4 message lines logged, xml disabled,
               filtering disabled

Log Buffer (8192 bytes):

*Mar  1 00:03:13.051: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging buffered 8192
*Mar  1 00:03:13.847: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:03:22.111: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:interface l0
*Mar  1 00:03:23.079: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
*Mar  1 00:03:27.279: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:ip address 10.10.10.10 255.255.255.255
*Mar  1 00:03:27.803: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:03:37.727: %PARSER-5-CFGLOG_LOGGEDCMD: User:unknown user  logged command:!exec: enable
*Mar  1 00:09:24.091: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging userinfo
*Mar  1 00:09:25.003: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:09:40.703: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on vty0 (12.1.1.1)
*Mar  1 00:09:40.707: %PARSER-5-CFGLOG_LOGGEDCMD: User:unknown user  logged command:!exec: enable
*Mar  1 00:14:15.591: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging trap debugging
*Mar  1 00:14:24.899: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging 1.2.3.4
*Mar  1 00:14:25.899: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 1.2.3.4 started - CLI initiated
*Mar  1 00:17:21.683: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on vty0 (12.1.1.1)
*Mar  1 00:17:21.687: %PARSER-5-CFGLOG_LOGGEDCMD: User:unknown user  logged command:!exec: enable

官方文档:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swlog.html#41240

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

在原帖中查看解决方案

4 条回复4
jialingwang4038
Beginner


!
!
archive
log config
logging enable
notify syslog contenttype plaintext
hidekeys
!
spanning-tree mode pvst
spanning-tree extend system-id
spanning-tree vlan 10 priority 28672
!
vlan internal allocation policy ascending
!
ip ssh authentication-retries 5
ip ssh version 2
!
!
!
interface GigabitEthernet1/0/1
switchport access vlan 10
!
interface GigabitEthernet1/0/2
switchport access vlan 10
!
interface GigabitEthernet1/0/3
switchport access vlan 10
!
interface GigabitEthernet1/0/4
switchport access vlan 10
!
interface GigabitEthernet1/0/5
switchport access vlan 10
!
interface GigabitEthernet1/0/6
switchport access vlan 10
!
interface GigabitEthernet1/0/7
switchport access vlan 10
!
interface GigabitEthernet1/0/8
switchport access vlan 10
!
interface GigabitEthernet1/0/9
switchport access vlan 10
!
interface GigabitEthernet1/0/10
switchport access vlan 10
!
interface GigabitEthernet1/0/11
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface GigabitEthernet1/0/12
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan1
no ip address
!
interface Vlan10
ip address 172.16.90.7 255.255.255.0
!
ip default-gateway 172.16.90.1
ip classless
ip http server
ip http secure-server
!
!
!
logging trap debugging
logging source-interface Vlan10
logging 172.16.90.3
access-list 110 permit tcp 172.16.90.0 0.0.0.255 any eq 22
access-list 110 deny tcp any any
!

Rps-Cheers
Rising star

您之前应该是关闭了logging,logging on命令是重新开启logging。

To re-enable message logging after it has been disabled, use the logging on global configuration command.

看您的配置中,关于logging的配置有如下:

 

archive
log config
logging enable
notify syslog contenttype plaintext
hidekeys

是开启了配置更改的logging记录,如果有配置更改,logging中会记录下来(前提是logging开启),具体可以参考示例说明:

 

https://www.cnblogs.com/MomentsLee/p/10162865.html

官方的配置示例:

Switch(config)# archive
Switch(config-archive)# log config
Switch(config-archive-log-cfg)# logging enable
Switch(config-archive-log-cfg)# logging size 500
Switch(config-archive-log-cfg)# end

第二个就是logging日志本身配置,

logging trap debugging
logging source-interface Vlan10
logging 172.16.90.3

限制记录到系统日志服务器的消息,这里是debugging级别的。然后以VLAN10为源发送logging,发送的目的地址为172.16.90.3。

 

关于2960默认的logging配置。

Feature Default Setting

System message logging to the console

Enabled.

Console severity

Debugging (and numerically lower levels; see Table 1-3).

Logging file configuration

No filename specified.

Logging buffer size

4096 bytes.

Logging history size

1 message.

Time stamps

Disabled.

Synchronous logging

Disabled.

Logging server

Disabled.

Syslog server IP address

None configured.

Configuration change logger

Disabled

Server facility

Local7 (see Table 1-4).

Server severity

Informational (and numerically lower levels; see Table 1-3).

 

如下是实际的一个配置示例:

archive
 log config
  logging enable
  notify syslog
  hidekeys

service timestamps debug datetime msec
service timestamps log datetime msec
logging userinfo
logging buffered 8192 debugging
!
line con 0
 privilege level 15
 logging synchronous
!
line vty 0 4
 password cisco
 logging synchronous
 login

如果需要配置logging destination,也可以添加命令(这里也验证了archive的命令记录了命令修改的logging)
SW(config)#logging trap debugging
SW(config)#loggin
SW(config)#logging
*Mar 1 00:14:15.591: %PARSER-5-CFGLOG_LOGGEDCMD: User:console logged command:logging trap debugging
SW(config)#logging 1.2.3.4
SW(config)#
*Mar 1 00:14:24.899: %PARSER-5-CFGLOG_LOGGEDCMD: User:console logged command:logging 1.2.3.4
SW(config)#
*Mar 1 00:14:25.899: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 1.2.3.4 started - CLI initiated

使用另外一台设备登录该SW:
Router#telnet 12.1.1.2
Trying 12.1.1.2 ... Open


User Access Verification

Password:
SW>en
Password:
SW#
SW#show logging
Syslog logging: enabled (11 messages dropped, 0 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level debugging, 44 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging: level debugging, 16 messages logged, xml disabled,
                    filtering disabled
    Logging Exception size (4096 bytes)
    Count and timestamp logging messages: disabled

No active filter modules.

    Trap logging: level debugging, 47 message lines logged
        Logging to 1.2.3.4(global) (udp port 514, audit disabled,  link up), 4 message lines logged, xml disabled,
               filtering disabled

Log Buffer (8192 bytes):

*Mar  1 00:03:13.051: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging buffered 8192
*Mar  1 00:03:13.847: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:03:22.111: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:interface l0
*Mar  1 00:03:23.079: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
*Mar  1 00:03:27.279: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:ip address 10.10.10.10 255.255.255.255
*Mar  1 00:03:27.803: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:03:37.727: %PARSER-5-CFGLOG_LOGGEDCMD: User:unknown user  logged command:!exec: enable
*Mar  1 00:09:24.091: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging userinfo
*Mar  1 00:09:25.003: %SYS-5-CONFIG_I: Configured from console by console
*Mar  1 00:09:40.703: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on vty0 (12.1.1.1)
*Mar  1 00:09:40.707: %PARSER-5-CFGLOG_LOGGEDCMD: User:unknown user  logged command:!exec: enable
*Mar  1 00:14:15.591: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging trap debugging
*Mar  1 00:14:24.899: %PARSER-5-CFGLOG_LOGGEDCMD: User:console  logged command:logging 1.2.3.4
*Mar  1 00:14:25.899: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 1.2.3.4 started - CLI initiated
*Mar  1 00:17:21.683: %SYS-5-PRIV_AUTH_PASS: Privilege level set to 15 by unknown on vty0 (12.1.1.1)
*Mar  1 00:17:21.687: %PARSER-5-CFGLOG_LOGGEDCMD: User:unknown user  logged command:!exec: enable

官方文档:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swlog.html#41240

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

在原帖中查看解决方案

非常感谢您!

不客气~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
Content for Community-Ad