04-10-2020 03:13 PM
Hello,
I am tasked with sending logs from specific interfaces to nagios syslog server. Here is my config
logging 10.1.2.2
logging trap 6
Logging source-interface GigabitEthernet 1/0/20
Logging source-interface GigabitEthernet 2/0/19
Logging source-interface GigabitEthernet 1/0/18
Logging source-interface GigabitEthernet 2/0/17
Logging source-interface GigabitEthernet 1/0/22
Logging source-interface GigabitEthernet 2/0/21
Logging source-interface GigabitEthernet 1/0/24
Logging source-interface GigabitEthernet 2/0/23
My concern is that when I used to show logging command.I could only see Gi2/0/23 as the source interface,the rest are not been captured.
Logging to 10.1.2.2(udp port 514, audit disabled,
link up),
9618 message lines logged,
0 message lines rate-limited,
0 message lines dropped-by-MD,
xml disabled, sequence number disabled
filtering disabled
Logging Source-Interface: VRF Name:
GigabitEthernet2/0/23
Solved! Go to Solution.
04-11-2020 11:33 AM
The original poster tells us that he is trying to "sending logs from specific interfaces". And made a logical (but incorrect) assumption that the source interface command would specify the interface that was the source of the event in the log message. @Reza Sharifi has correctly clarified that the source interface command is used to specify the IP address used as the source address of the packet sending the log message to the server.
Are we correct in understanding that the original objective was to send log messages related to specified interfaces and to NOT send log messages related to other interfaces? That would be pretty tricky to accomplish. Perhaps one approach would be to suppress link messages for the other interfaces allowing only the specified interfaces to generate link change messages. Or perhaps another approach would be to write an EEM script which would evaluate all log messages and select messages related to the specified interfaces and forward only those messages to the server?
04-10-2020 06:46 PM
Hi,
GigabitEthernet2/0/23 is just a source interface for sending logs but you still should get all the status for all interfaces.
The command should be:
snmp-server host 10.1.2.2
HTH
04-11-2020 11:33 AM
The original poster tells us that he is trying to "sending logs from specific interfaces". And made a logical (but incorrect) assumption that the source interface command would specify the interface that was the source of the event in the log message. @Reza Sharifi has correctly clarified that the source interface command is used to specify the IP address used as the source address of the packet sending the log message to the server.
Are we correct in understanding that the original objective was to send log messages related to specified interfaces and to NOT send log messages related to other interfaces? That would be pretty tricky to accomplish. Perhaps one approach would be to suppress link messages for the other interfaces allowing only the specified interfaces to generate link change messages. Or perhaps another approach would be to write an EEM script which would evaluate all log messages and select messages related to the specified interfaces and forward only those messages to the server?
04-13-2020 10:47 AM
Thank you for the detailed post and clarity.Would you recommend i use Netflow to monitor those interfaces and exporting to our Nagios Log server?What i am trying to achieve is to be able to create filters and alerts on Nagios based on the interfaces we are interested in monitoring(Bandwidth,connectivity with the clusters.etc)
Thanks!
04-13-2020 11:00 AM - edited 04-13-2020 11:02 AM
Hi,
Nagios is SNMP based. So, if you want to monitor the status of interfaces of routers or switches, use the command I provide in the first post to configure it. You can also configure a source interface for SNMP. "snmp-server trap-source Loopback0" In this case, lo0 in an example and should be used when possible. If the device doesn't have a lookpback interface, you can just use another interface that is up and running. Nagios is a free tool, so you need to write some programming/scripts to get it up and running. Also, as far as I know, you shouldn't need Netflow to create charts and graphs for Nagios.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide