Hello all,
just trying to find out the pro's and con's of using a syslog scanning tool (like OAK) to monitor attempts to compromise (brute force) the access to cisco devices.
Will a router/switch/ect. fail to send out syslog messages, while under attack/heavy load ?
Seen some incidents, where a router did not respond to pings anymore because beeing attacked. So I had been told, that the respond to the ping has been dropped due to the heavy load.
Maybe this is also apply to the syslog process ???