cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1509
Views
0
Helpful
4
Replies

SNMP traps for switch login not getting sent to syslog server

dbuckley77
Level 1
Level 1

Our network consists of primarily 3560G, 2960G and 2960X switches that we have configured to send snmp traps to a syslog server but not all of the switches are sending traps for user logins despite being configured the same.  need assistance.

 

Below is what we have configured:

 

login on-failure log
login on-success log

 

logging trap notifications
logging host 10.100.x.xx

4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

when you mentioned all are not sending -  is this means some switches sending as expected?

 

Can you give us what model of switchable to send which one not sending the logs as expected?

 

can you post-show version of that be working and not working to look?

 

Hope Syslog server reachable to all the devices - this is a basic requirement (just checking to make sure it has reachability).

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Most of the switches we're having issues with are 2960Gs.  

config

try adding below command - see that works :

 

ip ssh logging events

 

if not could be a bug, if you get chance try different 15.X  train.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello,

 

there are numerous bugs that could apply, such as the one below:

 

3750 running 122-35.SE2 will not log login failures
CSCsi16935
Description

Symptom:
3750 running 12.2(35)SE2 code will not log failed login attempts when "login
on-failure log" is configured. It will log successful attempts, just not
failed attempts.
The log one would expect to see is %SEC_LOGIN-4-LOGIN_FAILED


Condition:
- 3750 running 12.2(35)SE2
- Failed login attempt
- "login on-failure log" is configured

Workaround:

Configure "login block-for" in conjunction with "login on-failure".