07-13-2023 11:28 AM
Hello,
I'm curious to know if there is a way to filter out specific logins on Cisco 9200/9300 switches. I would like to filter out the user VanDeesel because they log in every minute or so to pull data. However, I would still like to see if other users log in. VanDeesel is cluttering up my logs.
For instance, I would like these messages not to show up in the log, but I want other level 5 messages to appear:
Jul 13 2023 12:33:51.436 EDT: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: VanDeesel] [Source: 127.0.0.0] [localport: 22] at 12:33:51 EDT Thu Jul 13 2023
Thanks.
Solved! Go to Solution.
07-13-2023 12:45 PM
Hello!
Yes you can use the logging discriminator. Synatx:
logging discriminator VanDeesel msg-body drops VanDeesel
logging buffered discriminator VanDeesel 200000
BR
07-13-2023 12:45 PM
Hello!
Yes you can use the logging discriminator. Synatx:
logging discriminator VanDeesel msg-body drops VanDeesel
logging buffered discriminator VanDeesel 200000
BR
07-14-2023 09:34 AM
Thank you!!
Would this also prevent the log from going to our syslog server?
07-14-2023 11:13 AM
Yes. Use the following syntax.
logging host SYSLOG-IP discriminator VanDeesel
If this helped you please mark the messages as helpful and accept as solution.
TY and BR
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide