Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
574
Views
0
Helpful
3
Replies

Syslog Connection

vinoth.kumar
Level 1
Level 1

‎05-19-2009 11:18 AM - edited ‎03-06-2019 05:48 AM

Hi,

In our LAN network we are getting the fluctuation between our server so to track whats happening on the network we introduce the syslog server tool

the problem is we have three data center in three different location and getting all the sysylog messages from all network device to the single location

if some reason the connectivity to the syslog server is lost then the logging msg will be automatically stored in the router buffer for the mean time

is that any config required for store the Logging message for the mean time

one more query if we enabling to send the logging message to syslog server then it will affect teh performance of the router or it will take some addtional CPU or memory

so that we will accordingly plan for the implementation

Thanks in advance

Labels:
0 Helpful
3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

‎05-19-2009 12:07 PM

vinoth

There are some parts of your message that I do not understand very well. I am not clear about the relationship of fluctuation between servers and the introduction of syslog. But it is clear that you are looking for a way to have the router hold syslog messages in some buffer if they can not be delivered to the syslog server. The IOS router can not hold syslog messages in a buffer and deliver them later. For one thing since syslog messages are sent using UDP, there is no way for the router to know whether the syslog message that it sent was delivered to the syslog server or not.

If you are concerned about the possibility of missing syslog messages, then the usual solution for that is to provision 2 syslog servers and to send syslog messages to both servers. If you choose the servers well, then the odds are that they will not both be unavailable at the same time.

The generation of syslog messages does take a small amount of CPU but it is generally not enough to cause problems.

HTH

Rick

HTH

Rick
0 Helpful

vinoth.kumar
Level 1
Level 1
In response to Richard Burts

‎05-20-2009 02:30 AM

Thnaks for the reply

the issues is we are getting the complaint that the servers are getting disconnected from the network and causes the issue to the application server so to track this we introduce the syslog server to capture the link status of the all port

is there any way to send the log for the user authenticated and logged into the routers

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to vinoth.kumar

‎05-20-2009 03:34 AM

Vinoth

ok that explains the relationship between syslog and the server problems. It could be very helpful to see messages from switches and routers when problems are reported from the servers.

Yes there is now a way to send a syslog message when someone logs in to the router. The command is login on-success and it will generate a syslog message when someone logs in to the router. there is also a login on-failure if you wanted to see unsuccessful attempts to login. See this link for more details:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_k1.html#wp1047900

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents