03-01-2013 07:54 AM
Hi!
I'm trying to get some SAN-switches (9124/9148 with NX-OS 5.0(4d) to log everything to a syslog server.
From looking in the manuals it seems like "logging server <ip-address> <severity>" should do the trick, but when i tested with using severity 6, i couldnt see anything on the syslog server from something like logging in or logging out, which i assumed should be logged to the syslog-server.
In short due to paranoia and security, the security people wants everything (including logins, logouts etc) that happens on the switches to be logged to a syslog server.
So if anyone has any pointers on this that would be great :-)
03-14-2013 02:25 PM
what is the output of show logging server ?
you should get something similar to this.
switch# show logging server
Logging server: enabled
{IP address}
server severity: debugging
server facility: local7
03-29-2013 11:58 AM
Configuration is simple(on the core switch)
1) Config t
2) logging server 192.168.1.1
3) logging server 192.168.1.2
4) logging distribute
5) logging commit
On the Edge
1) sh cfs application name syslogd
2) show logging server
NOTE: By default the log level is local7 --> which is pretty much ur security folks will need.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide