Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2618
Views
0
Helpful
8
Replies

How to log access events of Router-Switches-Firewall to CiscoWorks Server?

m-abooali
Level 4
Level 4

‎07-03-2005 02:09 PM

Hi,

I am trying to have all the Access to my devices to be logged at sent to my CiscoWorks Server. I do have remote Console Access to these devices as well - if at matters at all. How can I have this accomplished? commands to go on my routers/swicthes/Firewall? how should the CiscoWorks server be setup to do this?

I was under the impression that Ciscoworks does this automatically for the devices that it sees??

Please help as I really need this as this has become mandatory in my workplace and I need to show this has been accomplished.

Thanks for youe help.

Masood

Labels:
0 Helpful
8 Replies 8

nhabib
Level 9
Level 9

‎07-03-2005 06:33 PM

You need to enable logging to the ip address of your CiscoWorks server. Let's say your CW server's address is 10.10.10.10, the commands would be:

- on IOS devices: logging on

logging 10.10.10.10

- on CatOS devices: set logging server enable

set logging server 10.10.10.10

Firewalls send too many syslog messages out, and are known to break the RME database.

0 Helpful

m-abooali
Level 4
Level 4
In response to nhabib

‎07-03-2005 08:57 PM

Thanks for your prompt response. OK, I did that, where in CiscoWorks I can see the logs?

Thx,

Masood

0 Helpful

nhabib
Level 9
Level 9
In response to m-abooali

‎07-04-2005 05:09 AM

Resource Manager Essentials -> Syslog Analysis

0 Helpful

m-abooali
Level 4
Level 4
In response to nhabib

‎07-04-2005 01:04 PM

I was trying to get the report from that link but it keeps telling me to check if the logging has been enabled on the device(s)??

I have enabled logging as you message indicated on Cisco IOS image and the CAT images.

any thoughts of why this is happening??

Thanks,

Masood

0 Helpful

nhabib
Level 9
Level 9
In response to m-abooali

‎07-04-2005 05:52 PM

First thing to check is the CSCOpx\log\syslog.log file

How big is it? Are the messages from the devices making their way into the file?

0 Helpful

m-abooali
Level 4
Level 4
In response to nhabib

‎07-09-2005 07:40 PM

Yes,

This file is 1.4 MB and I can see messages as new as July 9, telling me a VLAN mismatch from a port of my main switch which I do know about it.

when I try to see logs from my two routers (public IP address and my CiscoWorks Server has Private IP address) it says check to see if logging is enabled on the device and it is enabled on both the Routers with logging host defined as well. CiscoWorks show complete information on those Routers but logs are not sent or Ciscoworks thinks that logging isn't enabled on those Routers.

is there any way to have these logs sent to a user defoned folder within the CiscoWorks folder (RootDirector)?? this way it will be easier to manage as I have found the CiscoWorks Directory Structure not being users frendly!!

One more questions:

Also, why I the CM cannot reach two new CAT 3560 switches I have installed? Red (SNMP problem), CM 3.3 IDU 11.

Thx,

Masood

0 Helpful

m-abooali
Level 4
Level 4
In response to nhabib

‎07-05-2005 10:02 AM

HI,

This link is more UNIX oriented and my CiscoWorks serveris on a Windows 200 server.

I did all but for two of my routers (they are in the System -Ciscoworks), it says logging isn't enabled on the devices but logging is anabled and I can see form the device when I type

sh logging

it telss me how may have been logged.

I can see loggs from a switch in CiscoWorks but not my routers??

thx,

Masood

0 Helpful
Customers Also Viewed These Support Documents