02-24-2014 04:44 AM - edited 03-07-2019 06:23 PM
Hello Experts,
We are in process of configiuring the Network devices to send the logs to syslog server that we newly setup in our enviornment. Below is the config that we did over the network devices:
conf t
logging host 192.168.1.10 transport udp port 520
logging trap informational
exit
write memory.
We are using the software that will report the alert of any failure attemps of network devices but when I try to create some dummy login failures then there are no logs being shown up on syslog server and no alert is triggered for the same.
Can somebody help me in this issue as we have no problem with the Cisco ASA firewall.
Thanks,
02-24-2014 05:08 AM
Adley,
This site should help you out.
02-24-2014 05:26 AM
Thanks John.
Can you please tell me what logs the Cisco appliance (Router and Switch) is send to the Syslog Server when the trap is set "informational".
The same settings is done on Cisco ASA firewall and it logged everything (Attacks, Spoof, Failure, Successfull attemps and etc.)
I reviewed the resolution stated in the link that you are given and we need to set the additional config on router to have the successfull/failure log events:
login block-for 60 attempts 3 within 60
login on-failure log every 3
login on-success log
We are using
Version 12.4(15)T12, RELEASE SOFTWARE (fc3)
Thanks
Thanks.
02-24-2014 05:33 AM
Also what about the dropped traffic from access lists, is it required some additional settings on Router/Switch?
Thanks.
02-24-2014 06:00 AM
Adley,
I honestly don't know everythign that is included with the Information Level. Except for that it includes everything at the INformation Level and above.
You would have to search for a link to find this information I'm sure.
Depending on where your syslog server is, I would recommend, not logging so much that you really can't tell what's going on.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide