Greetings,
I have both on-success and on-failure logging setup per the below. The problem is that on-failure logins work just fine, they send a message to the router logs, then send an snmp trap to my trap receiver at 192.168.197.2. However, on-success logins send a message to the router logs, but never send an snmp trap? Based on the debug snmp packet (below) it does not even attempt to send out the trap. Any suggestions?
login block-for 15 attempts 15 within 60
login on-failure log
login on-success log
!
archive
log config
logging enable
notify syslog
hidekeys
!
snmp-server enable traps syslog
snmp-server host 192.168.197.2 public syslog
===============================================================
Router log with snmp packet/header debugging.
===============================================================
*Oct 16 09:32:27.260: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: neteng] [Source: 0.0.0.0] [localport: 0] [Reason: Login Authentication Failed - BadPassword] at 09:32:27 UTC Fri Oct 16 2009
*Oct 16 09:32:27.284: SNMP: Queuing packet to 192.168.197.2
*Oct 16 09:32:27.284:
Outgoing SNMP packet
*Oct 16 09:32:27.288: v1 packet
*Oct 16 09:32:27.288: community string: public
*Oct 16 09:32:27.288: SNMP: V1 Trap, ent ciscoSyslogMIB.2, addr 192.168.192.40, gentrap 6, spectrap 1
clogHistoryEntry.2.9 = SEC_LOGIN
clogHistoryEntry.3.9 = 5
clogHistoryEntry.4.9 = LOGIN_FAILED
clogHistoryEntry.5.9 = Login failed [user: neteng] [Source: 0.0.0.0] [localport: 0] [Reason: Login Authentication Failed - BadPassword] at 09:32:27 UTC Fri Oct 16 2009
clogHistoryEntry.6.9 = 694743
*Oct 16 09:32:27.537: SNMP: Packet sent via UDP to 192.168.197.2
*Oct 16 09:32:37.657: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: neteng] [Source: 0.0.0.0] [localport: 0] at 09:32:37 UTC Fri Oct 16 2009
*Oct 16 10:19:43.149: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: neteng] [Source: 0.0.0.0] [localport: 0] at 10:19:43 UTC Fri Oct 16 2009
Router#
