02-11-2019 06:06 AM - edited 03-08-2019 05:18 PM
Is there a command or way to see switch logging? For instance If someone shuts down multiple ports, can I run a command that says At such and such time ports x-x were shut down etc etc. Is there anything like that?
Solved! Go to Solution.
02-11-2019 06:41 AM
In which case you want this:
...the commands will be the same for all 15.x versions.
Cheers,
Seb
02-11-2019 06:15 AM
Hi there,
Take a look at configuration logging:
Command syntax is different between OS flavours. What platform are you using?
Cheers,
Seb.
02-11-2019 06:17 AM
02-11-2019 06:41 AM
In which case you want this:
...the commands will be the same for all 15.x versions.
Cheers,
Seb
02-11-2019 10:36 AM
04-30-2019 04:31 AM
Hello everyone,
I use Graylog 2.5 Please , in the case of switch Logs meesage , how can i see the log source with the name of Switch not his address IP ? is there a configuration to do in the switch cisco ?
04-30-2019 05:16 AM
Hi there,
try adding the following to your cisco device:
! logging origin-id hostname !
cheers,
Seb.
05-01-2019 03:31 AM
05-21-2019 09:18 AM - edited 05-21-2019 09:20 AM
05-21-2019 09:40 AM
Hello Ayoud,
CDP native vlan mismatch means that a switch port connected to another switch has detected that the two ports belong to two different Vlans.
IF the two ports are in access mode you are joining two Vlans that should stay isolated at layer2.
If the two ports are trunk ports using 802.1Q encapsulation a mismatch in native Vlan may have impacts on IP connectivity.
Usually the message refers to access ports.
the CDP protocol allows to discover a Cisco device directly connected to the local device.
CDP carries some information about the neighbor device including the native Vlan number.
You should fix this issue by putting both ports in the same Vlan if they are access ports, by configuring the same native vlan if they are 802.1Q trunk.
Hope to help
Giuseppe
05-21-2019 03:32 PM
05-22-2019 02:59 AM
Hello Ayoub,
if you have no control on the switch you should report the notes to the people that control it so that they can make corrections to configuration and /or cabling.
About your other questions:
in syslog messages there are some fields that are used to classify messages.
By default Cisco devices send log messages with facility = local 7.
So nothing to care about it.
The level tells how important is the message.
levels are 0 to 7
lowest level means more important.
A device can be configured to send log messages up to a specified level.
This for example avoids to send messages created by debug ( level 7) to the syslog server as they can be a lot and this saves cpu usage on device during troubleshooting.
By default devices should send log messages up to level 5 if I remember correctly.
The sequence is actually the sequence number of the log message as recorded in the device. This should increment by 1 for each log message from device last reboot.
The timestamp provides the date, time, and can include the msecs of the log message using the clock on the network device itself.
The clock is usually synchronized using NTP protocol.
Hope to help
Giuseppe
05-22-2019 05:32 AM
06-01-2019 04:56 PM
09-12-2019 07:05 AM
hello everyone,
Can anyone help me to understand this log message that comes from Switch cisco.
(DHCP_SNOOPING-5-DHCP_SNOOPING_MATCH_MAC_FAIL: DHCP_SNOOPING drop message because the chaddr doesn't match source mac, message type: ............................)
Best Regards,
Ayoub Labidi
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide