cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
303
Views
0
Helpful
4
Replies
Highlighted
Beginner

Filtering authentication messages on switches

Hello,

I want to reduce the amount of syslog messages going to a syslog server for 802.1x, MAB and authentication messages from our switches and have seen the commands:

no authentication logging verbose

no dot1x logging verbose

no mab logging verbose.

 

I've searched everywhere and the explanantion is that they filter out the respective verbose system messages "typically relating to authenication success". I was hoping to find out exactly what they filter out, e.g. a list, but haven't been able to find that anywhere.

I understand what the bottom two lines will do but not the top line. Does anyone know wehre I could find that information?

Also, it's probably not the right forum but where on earth can I find how to do this also on a HP switch!

Thanks,

Jimothy007

4 REPLIES 4
Highlighted
Frequent Contributor

I see what you mean, I suppose the only thing to do is see the difference in the system log with and without verbose logging

no authentication logging verbose

Use the no authentication logging verbose global configuration command on the switch stack or on a standalone switch to filter detailed information from authentication system messages.

no authentication logging verbose

Defaults

All details are displayed in the system messages.

Syntax Description

This command has no arguments or keywords.

Command Modes

Global configuration

Command History

Release
Modification

12.2(55)SE

This command was introduced.

Usage Guidelines

This command filters details, such as anticipated success, from authentication system messages.

Examples

To filter verbose authentication system messages:

Switch(config)# no authentication logging verbose
Highlighted

Richard, Yeah, weird there is no detailed description, will just have to apply it and see what it does if I go this way. Jim
Highlighted
VIP Mentor

Hi just an option may work you try could use logging discriminator block them going to syslog, you can filter by msg body type that gets sent out to syslog

http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t11/htnmsylg.html

Highlighted

Thanks Mark, I'll look into that one, could be another option.

Jim

Content for Community-Ad